last executing test programs: 11.162577067s ago: executing program 2 (id=980): mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0xffffffffffffffff, 0x8000) mmap$auto(0x4, 0x8004, 0x4000000000df, 0x100040eb5, 0x401, 0x300000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000001140)=""/4093, 0xffd) io_uring_setup$auto(0x1, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000040), 0x200080, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) mremap$auto(0x9, 0x3ff, 0x5d, 0x80000000, 0x100) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS2\x00', 0x101e81, 0x0) 8.790496659s ago: executing program 2 (id=984): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = io_uring_setup$auto(0x5, 0x0) close_range$auto(0x2, r0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x69) sendmsg$auto_NET_DM_CMD_CONFIG(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008}, 0x24004080) listen$auto(0x3, 0x81) accept$auto(0x3, 0x0, 0x0) r1 = socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x6, 0x0, 0x7, 0x1}, 0x3}, 0x4, 0x20000000) 7.782871786s ago: executing program 3 (id=978): mmap$auto(0x0, 0x8, 0xfff, 0xeb2, 0x401, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0xaf44529eb48ad963, 0x17c) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) open(0x0, 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r1, 0x401c5820, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x801c581f, 0x0) 7.305773924s ago: executing program 2 (id=981): socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/input/event0\x00', 0x20440, 0x0) socket(0x15, 0x5, 0x0) socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) setsockopt$auto(0x3, 0x10000000084, 0x7c, 0x0, 0x8) 6.47100861s ago: executing program 0 (id=983): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x80003, 0x300) r2 = socket(0xa, 0x3, 0x6) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r1, 0x7f, 0x7, 0x8, 0x1, @relative_fd=r2, 0xd}, 0x92) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xf) 6.049324214s ago: executing program 0 (id=985): openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, 0x0, 0x20, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000002080)='/dev/ptyv8\x00', 0x480, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/tty46\x00', 0x88a42, 0x0) write$auto(0x3, 0x0, 0xfdef) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000002080)='/dev/ptyv8\x00', 0x480, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/tty46\x00', 0x88a42, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x222c0, 0x0) ioctl$auto(0x3, 0x5600, r0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x182, 0x0) 5.557752586s ago: executing program 2 (id=986): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r0, 0x1, 0x7ff) ptrace$auto(0xc, r0, 0x9, 0xfffffffffffff6de) unshare$auto(0x40000080) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto_TIOCSTI2(r2, 0x5412, &(0x7f0000000040)="158f4a2b") r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) read$auto(r3, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) write$auto(r1, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0xb) 5.557177823s ago: executing program 3 (id=987): mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = io_uring_setup$auto(0x5, 0x0) close_range$auto(0x2, r0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x69) sendmsg$auto_NET_DM_CMD_CONFIG(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008}, 0x24004080) listen$auto(0x3, 0x81) accept$auto(0x3, 0x0, 0x0) r1 = socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x6, 0x0, 0x7, 0x1}, 0x3}, 0x4, 0x20000000) 4.752224602s ago: executing program 3 (id=988): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r0 = socket(0x2, 0x1, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c00, 0x0, 0x5, 0x0, 0x0, 0x9}, 0x5}, 0x3, 0x400) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) sendfile$auto(0x3, r1, 0x0, 0x400000000006) shutdown$auto(r0, 0x2) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 4.224940503s ago: executing program 3 (id=989): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x3, 0x7) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) socket(0x1d, 0x2, 0x2) connect$auto(0x3, 0x0, 0x55) socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = socket(0xa, 0x801, 0x84) getsockopt$auto(r0, 0x84, 0x71, 0x0, &(0x7f0000000280)=0x22a) write$auto(0x3, 0x0, 0x5c8) 4.220140848s ago: executing program 0 (id=990): close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x0) r0 = socket(0xa, 0x3, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x6) socket(0x10, 0x2, 0x0) socket(0x2, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x40, 0x0) socketpair$auto(0x3, 0x5, 0x7, 0x0) bind$auto(r0, 0x0, 0x6f) 4.219581559s ago: executing program 1 (id=991): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0xffffffffffffffff, 0xffffffffffff0002, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0) r1 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/loop5/rqos/wbt/wb_normal\x00', 0x20000, 0x0) pread64$auto(r1, 0x0, 0x6f, 0x3) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x6f29, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r2 = bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0x1000b5, 0x4010, 0x8, 0x4, 0xffffffffffffffff, 0xa, "2af051a940806ec05be276cfc83ce63f", 0x0, 0xffffffffffffffff, 0x1, 0x7, 0xe5, 0x3}, 0x10) bpf$auto(0x18, &(0x7f0000000380)=@bpf_attr_11={0x0, 0x9, 0x7, 0x100005, 0x80000009, 0xfffffe01, 0x8, r2}, 0x92) faccessat2$auto(0x1, 0x0, 0x4, 0x1200) 3.742362935s ago: executing program 3 (id=993): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/memory.force_empty\x00', 0xa001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x5e30523b26a2a748, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty19\x00', 0x800, 0x0) ioctl$auto(r1, 0x4b66, r0) 3.740473389s ago: executing program 2 (id=1002): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r0, 0x1, 0x7ff) ptrace$auto(0xc, r0, 0x9, 0xfffffffffffff6de) unshare$auto(0x40000080) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto_TIOCSTI2(r2, 0x5412, &(0x7f0000000040)="158f4a2b") r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) read$auto(r3, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) write$auto(r1, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0xb) 3.227488871s ago: executing program 1 (id=994): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) unshare$auto(0x40000080) setregid$auto(0x81, 0x0) io_uring_setup$auto(0x2008, 0x0) clock_nanosleep$auto(0x2, 0x6, 0x0, 0x0) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x81, 0x8000000000001, 0xa}, 0xb, 0x0) landlock_restrict_self$auto(r0, 0x8) 3.150683744s ago: executing program 0 (id=996): unshare$auto(0x40000080) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, &(0x7f0000000040)=0x5) open_by_handle_at$auto(0xffffffffffffffff, 0x0, 0x3) socket(0x11, 0x3, 0x9) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) ioctl$auto_FIOASYNC(r1, 0x5452, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x8000fff5) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, 0x0) 3.00835163s ago: executing program 3 (id=997): prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x9000, 0x8002, 0x2) socket(0x25, 0xa, 0xebff) socket(0xa, 0x1, 0x84) capset$auto(0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000040), 0x1bf8c0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) writev$auto(r0, &(0x7f0000000100)={0x0, 0x9}, 0x2) write$auto(r0, &(0x7f00000000c0)='7\x00\\\x1c\xe7k\x00\x00\x00\x00\x00\x00\x00\x00', 0x8083a) 2.028897465s ago: executing program 1 (id=998): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x0) socket(0x10, 0x2, 0x4) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000140)='/dev/binderfs/binder1\x00', 0x0, 0x0) ioctl$auto_BINDER_WRITE_READ(r1, 0xc0306201, 0x0) statmount$auto(&(0x7f0000000040)={0x1f, @raw, 0x80000023, 0xf5ff, 0x8}, 0x0, 0x7ffffffff000, 0x0) r2 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x0, 0x0) poll$auto(&(0x7f0000000040)={r2, 0xfff7, 0x6}, 0x7f, 0x9) 1.774756821s ago: executing program 1 (id=999): unshare$auto(0x40000080) acct$auto(&(0x7f0000000000)='/dev/sequencer2\x00') openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0) mmap$auto(0x0, 0x128008, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) shmget$auto(0x0, 0x7b, 0x100) madvise$auto(0x108000, 0x2, 0xa) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x400, 0x2) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x100842, 0x0) ioctl$auto_SNDCTL_TMR_CONTINUE(r0, 0x5404, 0x0) ioctl$auto_SNDCTL_TMR_TEMPO(r0, 0xc0045405, &(0x7f0000000140)) 905.054876ms ago: executing program 1 (id=1000): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xc, 0x800008000) clone$auto(0x20003b4b, 0xa, 0x0, 0x0, 0x10) close_range$auto(0x2, 0xa, 0x0) r0 = gettid() process_vm_writev$auto(r0, &(0x7f0000002980)={0x0, 0x7ff}, 0x3, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x4, 0x0) sched_rr_get_interval$auto(r0, &(0x7f0000000080)={0x4221, 0x4000000000000000}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/oom_score_adj\x00', 0x102, 0x0) r3 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000040), r1) sendmsg$auto_NFC_CMD_VENDOR(r1, &(0x7f00000012c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001280)={&(0x7f0000000240)={0xc78, r3, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@NFC_ATTR_DEVICE_POWERED={0x5}, @NFC_ATTR_VENDOR_SUBCMD={0x8}, @NFC_ATTR_SE_APDU={0xc54, 0x19, "53c07fb7e4fc159c8c8c9fbb3a7a39aafcad126cd5fb04d54f43e48d1929033262154d20ff593d93e085dcff989a02c19f0b8c63b156c140bfc20ed9e57e894e5a13ff3a1fc925e2ebc205c9e2d21fdc35bc6d9f083cc8e8c6b83d7ceec0996cdce958a3c53c2b78261f34f6e1300504495f08ad8a9b9bad0c6486a351a59f28dc45c2e345e076424912785dad46f2a52ff31c0e9e8b92850615488ca9e6360a8989a84c17b23c80e8d5ed1a7db0f217fe21d2f68ab95a283719561d333042805799de24382906856517f9dea1a346838ee85ccb94544cf8aec4ddb4d1a731a23aae3e63e225b48fc3d8b18aa733d0db5652934d9e58ad4392ce5759d30886ff6afe0a3994e3c3edbd06bb2d2b65d0f4dbf2be08419c2a9297592ab83c23fe845581e1f45b82810e633e02c6c80ee50036e878b6cf13c50f36d3c4380231041e7b6a2caeea5fae82300cbda564fc3e537b44ad76169bc47f6cc96fc4becd632b4d252dcde0d1ef3beb09b2925bd85565dd24d04fe738dc171e5a7b2a8af22d996d36b00c609c1e7431157bd49c3fbad669ca046d1f59c2beaaab187f4debb782aa62dfda6e850394d3fbd068c81546f15bb38846cc864b402ac097b95c0587fbb96682701e64450dcdcbe8a1f66866eda54185383f33c21fc319fee9a742c613f6fae626c33b1f54774ba8cf47bceccae8a20bb0a1fa5cd9b57e82a91de67271063f0f5dd47eeee54d3716ec4e7bf58dc7ffea7b73c9cb9507d44a841e3199b60f757d309d9eb7d452f048a5aac24baf81b0991a33166553b95193136990f6b42baf1714568b2c234e31fad7f55e59a27c0225a3e2fb46aedd42c6a41e64c69113fbfc92722c37510b0c84a93ef8775fd95f9103c8e4a73e7ecf96ccbb5f0bb87a2b44d0a925cbbd9cfb5a13c58cb4cda5fa99616322ddde3740ef6053268d15ea68052436443bad81af74fb526dc8ec3e1801e717376dc94c1177be29618223dbb3564d83f8ff715f5fb679e96109d15bc2140d0bb9115271536f3947969142326724ca19b6750b323b76ac309ae7f506120885b255c12569c0d752b67dc6755390ee2262dd7a45afa39900590ffd7192d83599172ea726fea454491d90fc4d26a62323a47a4f30ad01b2eb2864b4279e6b411285e99766982fa5194ddb64855dbf147c3fe7a6292c6bdb3a46396b4d07bffcb56d03cebff1a68bcedf7c5dc4a1863cb986a6e803b59870f209ee58a283d1043d2f9dbfceab36c4c1cd3d7ccde0ba54ed854af30a7c80955fdba15f42a1f3e113e36f34029061335d45caaa3037d1a884c111a40deaf5e5535d9179095a98de1bbffbc3a776f07332c8b59815126be5e2b9067258d3ffa3d3977fc66047ac033e855f0f1dccda8a406b16fb77070cce74a9292e4368ed280b79026dfa0c36d54424db7420b64abbc497e71c9258e6ed770ab5ea95213929a067fc6f2228dbd7bba9ad1ea405465cf505e10bb7d7144853fd5c3c75f2e7464bb2837da18eacdf63576799124aabeb5a2eee77aa228592044ea43e0fb141ffedd63aa64d28696fb5769cc15ca7af14f820b9ab728c161cd0345be91cf70892d949d50925c38c01b083513cf0d7001d8e23a3a468170102a1dbe77211bff3db6e8418ecfe7d7ad48804eb9dac5c1094ffefd1558af1b807389f0f9283338b3829bb9f6d26325d748b7f07c08250b19903b824228d05562a5148f64ccfb3fb9ab22b40157274a46fadc66045f0276acb5f32a338418b8b7cac63511dac1826ee4fcd20e4a072a16e319686086583574d7b3207185863115a0c885f89f6cf2a450d315fd35baa5acd05ae777f37a798f85302e9204bd67f295ab4a91f7d04bbc046570fb26779eb21540d0fafaec861208de244c5af09b376f819cd73cb4ec1571bf416e47ebd2a0b455a10caa8cf8993b56a9cb0fade178cd193f0e170ff40af6e081e2a3d4bc2af33ffdb82e7c04b51b06946222fcce7b0a62ad282e9f189ec45f2d8ca43d45914878b734d0b41650d294ae99e4abd92f71370ab14ca17374adb385b1f5c4aee6d743b6ecf8329be5917a519630ead6f17fb31680b761ac0a3a2f111c6a65f099359ef07c5f70578bc67efa80ef62cc991f4f8ba6bc271bdc9a60091e5d9346d9f5f1c9853ad0e4c83331a77501c721a252f433b94f25a68abaa0cab1172f0412d19074c0700e7435d0ec3ca74e6c6903c870c20d052364a6c90d2c94967f7d9beaebac4c6eb578efc2b5c5387ba734760cb7e3c52179bf16d9a8f4f3ed2e6def79ad48eed2a160985ef0211a83c64aaa215fa44a6ece2f92afbb2dabfd9d6b5d3357fb195e7b75b36b44f14d502529315ad903b5174cf06970434e7e7b0dcab4b070ec4e5cc95dde31a346a82edc9675d622cca82ff4c4152e363f036c6b32d486daf3107bc792c306b94e4ceab7366bfa1d0248ac68bbc98a3ecaf3f279aaf1f9b4d6d58e276384ec7459679dea861ab6f41611984eae0e74080dca68c70015196df9666c7d205bcb978561cd7913ca53e6fae1b863846753fd3879e8379e7a5a53703bde4a3f46b63cf2f3816c81a937510531bbbfb81f6894fd83ce98a363e02e75111f8bd01aa9e330a0ad5f273862100d771de1246dec94c41f3f95ce179f75286a1d56fe96d9fa1a7a7a2e441ea80fa5d85bd555c17b74ed66c539732b0508d7a7c4d85da4c2ce4d2259559ff1087de9e2f99a377a28dc3027b4eed74e823bc3fea1ad5f0937949fa97f06452a465d48190348dedf8d83018e93f18d4acb872f7725289e0f6bc8013eb14dd3fffdb5e91a206fc289a3989bf22196e239abe7d520c4a12dd6c01e90fdf0b0f4a56496ed0574a6c627d41a010da4d37bce936e28e6c5ae9f709312a1e26641e6815c141f4607eff1de1f51497b366c5ffb1e0ac3e324545925e1b5836964bf290e2d70d4379d8a447965d7495d597205b74827dd54a2034b8e9e5315dce69b21b2a36bc521483b586a8ab3018e33f4292d2a2ba53857f2a957af8419d5d66138111bc33e678fc3d1a947a4ab21a98e4115bf2cc025d6c01b26ada81c3bc33e3d3babc715dcdb298f16b1ff62e391d6f17aeca4ca58a86289fa3fee04abdef964e3f675f0e57850b438a23c988cc7dcf5bed78f4c2aba63e13dcfbe9d9554eeabaeaa6fd18e4544bb3dba9973fecc1c9b1757e8df478596232ddea4e5ec274ad83d02bfacec6db51a9e2a0e9d1bfbbb65a52640e539ced27507db1ab22fda3b5951e1600658eb99c3cdb6d2260e5d99266d6c5f249b0d9ab308875d9e34326cd85a081053704be01dd354aca985e31fb112b2f446625f011f20fdcf4ee737df9cccbb5e4965a35011bf969c1d8e93f6a03b20acc231ae788713f20014def757be7d04251d5d9bec5a0d44d80df20d64db92748c0f1ca1cf0a97e63a983c9e2b377876b45e8be59edf73cb9b2bdac466921d6a10e83568ab442909e2900032c90f539aea2bd839ccc0668ef40d44419d00f4591ee01e4c66e79e22bcb712ab0bfbadce8d57980000255ca2bd2552dec819a0b77207966692f97e0c07cbcd445c0da39541dbc8e1bd104bfa1edc9adafe895a78d6be5e89ccbe5232c9b80c2240d5ac026e59e882adb2028aeca95611578614d910e73b7189993f95b800d74c31991423456954fad0245691235fbfcb14968441ed41182169c6edf1f59a9a36d7b515b99ff9cb092528e33afecce3cab3ae303ad4450f1442d0b4c2388e83d07a77fc5f3ff2ca21904696754b7b4b3b5742dc87d80831a1f5023bb2d84172b12672f90348c39c96e638707f2f87f1bea3e27fa04419009f211d7dd6e1781275e62935892f422060b115cedc0b70d4046bf6398f301283dae3246ffaa8c9d3a579be1cc787867fe21e102f32ddee5090ec21aaca8ea33e581b36d2f4bee8e8810bf3b567cd5ed2bfe5b9bb6d6efb6da435d6fa585f9a843b6bb7403a0ecaab843fe28fd079cc26bf4df5509edb467fe917ffbd3b4e99144c63db71b118720e44cd062084baaf2c802cb753c909b6dce3e748f10cf29cfefb2dfe030b870f770a9351a933fed9bedd3c07f0fc8f119645ac8cdb569ed9c89d8e2d040dfd1ea72f14058f90412d30a8d8008786f836dc2cf6e7d44b83daf064d498ddf4138fadb813b15aecdb585421cfd866e86c6e2482624935fd59ab129da607364fbe16cfd15b609ddde9a9cc60a0d0b409f4600c09162149e24b60e098f7d517cef0ea783bc2e90a5eac9dbe6034e07948089ad748711c22a8c694283efcb5f669db1a8c8bc864986f291a98cd379ef27e2099ad5f13295dd64002b78df40eb39e0d7f3e36a39961d47437d4510bc2464437430c4895343baeb088089d96dc281d45ede18bd4b5be3a82d6992471b08e3ed67b40c66e6dbda29c4105bf79aac36b94d70b38f18ade32e8cb7ebc0b79f811d811ea759"}]}, 0xc78}, 0x1, 0x0, 0x0, 0x4040080}, 0x800) read$auto(r2, 0x0, 0x7fff) write$auto(0x3, 0x0, 0xfffffdef) 773.852875ms ago: executing program 0 (id=1001): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) socket(0x2, 0x80002, 0x73) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, 0x0, 0x54) getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) read$auto(r0, 0x0, 0x10001) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000240)={0x0, 0x7}, 0x2) sysfs$auto(0x2, 0x24, 0x0) r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r2, 0x0, 0xaf0) 222.76284ms ago: executing program 2 (id=1003): rseq$auto(&(0x7f0000000080)={0xe, 0x401, 0x10000000004, 0x806, 0x0, 0x2}, 0xffffff65, 0x0, 0x8000006) rseq$auto(&(0x7f00000002c0)={0x7, 0x4, 0xffffffffffff0000, 0xa, 0x0, 0x10, "0bdf98835933ba0e2e9ed6d9aaf3855bc4117f0a293ed16bf7e17e1d68a21b50a861d6a0"}, 0x0, 0x0, 0x10001) mmap$auto(0x0, 0x20006, 0x4000000000dd, 0x13, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) unshare$auto(0x40000080) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) ioctl$auto(0x3, 0x8208ae63, 0x38) mbind$auto(0x8000000000000002, 0x100000004, 0x100000000, 0x0, 0x9, 0x2) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.unix.ip/flush\x00', 0x40d81, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, 0x0, 0x0) 3.168744ms ago: executing program 0 (id=1004): socket(0x21, 0x2, 0xa) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/cpu1/power/pm_qos_resume_latency_us\x00', 0x183042, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/neigh/virt_wifi0/base_reachable_time_ms\x00', 0x104000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0x10, 0x3, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) io_uring_setup$auto(0xe, &(0x7f0000000100)={0xffffffff, 0x1, 0x0, 0xa4c, 0x7, 0x10, r1, [0x0, 0x1, 0xa], {0x4, 0x6f4, 0x0, 0xff, 0xa, 0x5, 0x130, 0x1ff, 0x3}, {0xd5, 0x0, 0xff, 0x4, 0x4f54, 0x80002, 0x4, 0x6, 0x99a}}) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 0s ago: executing program 1 (id=1012): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xc, 0x800008000) clone$auto(0x20003b4b, 0xa, 0x0, 0x0, 0x10) close_range$auto(0x2, 0xa, 0x0) r0 = gettid() process_vm_writev$auto(r0, &(0x7f0000002980)={0x0, 0x7ff}, 0x3, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x4, 0x0) sched_rr_get_interval$auto(r0, &(0x7f0000000080)={0x4221, 0x4000000000000000}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/oom_score_adj\x00', 0x102, 0x0) r3 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000040), r1) sendmsg$auto_NFC_CMD_VENDOR(r1, &(0x7f00000012c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001280)={&(0x7f0000000240)={0xc78, r3, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@NFC_ATTR_DEVICE_POWERED={0x5}, @NFC_ATTR_VENDOR_SUBCMD={0x8}, @NFC_ATTR_SE_APDU={0xc54, 0x19, "53c07fb7e4fc159c8c8c9fbb3a7a39aafcad126cd5fb04d54f43e48d1929033262154d20ff593d93e085dcff989a02c19f0b8c63b156c140bfc20ed9e57e894e5a13ff3a1fc925e2ebc205c9e2d21fdc35bc6d9f083cc8e8c6b83d7ceec0996cdce958a3c53c2b78261f34f6e1300504495f08ad8a9b9bad0c6486a351a59f28dc45c2e345e076424912785dad46f2a52ff31c0e9e8b92850615488ca9e6360a8989a84c17b23c80e8d5ed1a7db0f217fe21d2f68ab95a283719561d333042805799de24382906856517f9dea1a346838ee85ccb94544cf8aec4ddb4d1a731a23aae3e63e225b48fc3d8b18aa733d0db5652934d9e58ad4392ce5759d30886ff6afe0a3994e3c3edbd06bb2d2b65d0f4dbf2be08419c2a9297592ab83c23fe845581e1f45b82810e633e02c6c80ee50036e878b6cf13c50f36d3c4380231041e7b6a2caeea5fae82300cbda564fc3e537b44ad76169bc47f6cc96fc4becd632b4d252dcde0d1ef3beb09b2925bd85565dd24d04fe738dc171e5a7b2a8af22d996d36b00c609c1e7431157bd49c3fbad669ca046d1f59c2beaaab187f4debb782aa62dfda6e850394d3fbd068c81546f15bb38846cc864b402ac097b95c0587fbb96682701e64450dcdcbe8a1f66866eda54185383f33c21fc319fee9a742c613f6fae626c33b1f54774ba8cf47bceccae8a20bb0a1fa5cd9b57e82a91de67271063f0f5dd47eeee54d3716ec4e7bf58dc7ffea7b73c9cb9507d44a841e3199b60f757d309d9eb7d452f048a5aac24baf81b0991a33166553b95193136990f6b42baf1714568b2c234e31fad7f55e59a27c0225a3e2fb46aedd42c6a41e64c69113fbfc92722c37510b0c84a93ef8775fd95f9103c8e4a73e7ecf96ccbb5f0bb87a2b44d0a925cbbd9cfb5a13c58cb4cda5fa99616322ddde3740ef6053268d15ea68052436443bad81af74fb526dc8ec3e1801e717376dc94c1177be29618223dbb3564d83f8ff715f5fb679e96109d15bc2140d0bb9115271536f3947969142326724ca19b6750b323b76ac309ae7f506120885b255c12569c0d752b67dc6755390ee2262dd7a45afa39900590ffd7192d83599172ea726fea454491d90fc4d26a62323a47a4f30ad01b2eb2864b4279e6b411285e99766982fa5194ddb64855dbf147c3fe7a6292c6bdb3a46396b4d07bffcb56d03cebff1a68bcedf7c5dc4a1863cb986a6e803b59870f209ee58a283d1043d2f9dbfceab36c4c1cd3d7ccde0ba54ed854af30a7c80955fdba15f42a1f3e113e36f34029061335d45caaa3037d1a884c111a40deaf5e5535d9179095a98de1bbffbc3a776f07332c8b59815126be5e2b9067258d3ffa3d3977fc66047ac033e855f0f1dccda8a406b16fb77070cce74a9292e4368ed280b79026dfa0c36d54424db7420b64abbc497e71c9258e6ed770ab5ea95213929a067fc6f2228dbd7bba9ad1ea405465cf505e10bb7d7144853fd5c3c75f2e7464bb2837da18eacdf63576799124aabeb5a2eee77aa228592044ea43e0fb141ffedd63aa64d28696fb5769cc15ca7af14f820b9ab728c161cd0345be91cf70892d949d50925c38c01b083513cf0d7001d8e23a3a468170102a1dbe77211bff3db6e8418ecfe7d7ad48804eb9dac5c1094ffefd1558af1b807389f0f9283338b3829bb9f6d26325d748b7f07c08250b19903b824228d05562a5148f64ccfb3fb9ab22b40157274a46fadc66045f0276acb5f32a338418b8b7cac63511dac1826ee4fcd20e4a072a16e319686086583574d7b3207185863115a0c885f89f6cf2a450d315fd35baa5acd05ae777f37a798f85302e9204bd67f295ab4a91f7d04bbc046570fb26779eb21540d0fafaec861208de244c5af09b376f819cd73cb4ec1571bf416e47ebd2a0b455a10caa8cf8993b56a9cb0fade178cd193f0e170ff40af6e081e2a3d4bc2af33ffdb82e7c04b51b06946222fcce7b0a62ad282e9f189ec45f2d8ca43d45914878b734d0b41650d294ae99e4abd92f71370ab14ca17374adb385b1f5c4aee6d743b6ecf8329be5917a519630ead6f17fb31680b761ac0a3a2f111c6a65f099359ef07c5f70578bc67efa80ef62cc991f4f8ba6bc271bdc9a60091e5d9346d9f5f1c9853ad0e4c83331a77501c721a252f433b94f25a68abaa0cab1172f0412d19074c0700e7435d0ec3ca74e6c6903c870c20d052364a6c90d2c94967f7d9beaebac4c6eb578efc2b5c5387ba734760cb7e3c52179bf16d9a8f4f3ed2e6def79ad48eed2a160985ef0211a83c64aaa215fa44a6ece2f92afbb2dabfd9d6b5d3357fb195e7b75b36b44f14d502529315ad903b5174cf06970434e7e7b0dcab4b070ec4e5cc95dde31a346a82edc9675d622cca82ff4c4152e363f036c6b32d486daf3107bc792c306b94e4ceab7366bfa1d0248ac68bbc98a3ecaf3f279aaf1f9b4d6d58e276384ec7459679dea861ab6f41611984eae0e74080dca68c70015196df9666c7d205bcb978561cd7913ca53e6fae1b863846753fd3879e8379e7a5a53703bde4a3f46b63cf2f3816c81a937510531bbbfb81f6894fd83ce98a363e02e75111f8bd01aa9e330a0ad5f273862100d771de1246dec94c41f3f95ce179f75286a1d56fe96d9fa1a7a7a2e441ea80fa5d85bd555c17b74ed66c539732b0508d7a7c4d85da4c2ce4d2259559ff1087de9e2f99a377a28dc3027b4eed74e823bc3fea1ad5f0937949fa97f06452a465d48190348dedf8d83018e93f18d4acb872f7725289e0f6bc8013eb14dd3fffdb5e91a206fc289a3989bf22196e239abe7d520c4a12dd6c01e90fdf0b0f4a56496ed0574a6c627d41a010da4d37bce936e28e6c5ae9f709312a1e26641e6815c141f4607eff1de1f51497b366c5ffb1e0ac3e324545925e1b5836964bf290e2d70d4379d8a447965d7495d597205b74827dd54a2034b8e9e5315dce69b21b2a36bc521483b586a8ab3018e33f4292d2a2ba53857f2a957af8419d5d66138111bc33e678fc3d1a947a4ab21a98e4115bf2cc025d6c01b26ada81c3bc33e3d3babc715dcdb298f16b1ff62e391d6f17aeca4ca58a86289fa3fee04abdef964e3f675f0e57850b438a23c988cc7dcf5bed78f4c2aba63e13dcfbe9d9554eeabaeaa6fd18e4544bb3dba9973fecc1c9b1757e8df478596232ddea4e5ec274ad83d02bfacec6db51a9e2a0e9d1bfbbb65a52640e539ced27507db1ab22fda3b5951e1600658eb99c3cdb6d2260e5d99266d6c5f249b0d9ab308875d9e34326cd85a081053704be01dd354aca985e31fb112b2f446625f011f20fdcf4ee737df9cccbb5e4965a35011bf969c1d8e93f6a03b20acc231ae788713f20014def757be7d04251d5d9bec5a0d44d80df20d64db92748c0f1ca1cf0a97e63a983c9e2b377876b45e8be59edf73cb9b2bdac466921d6a10e83568ab442909e2900032c90f539aea2bd839ccc0668ef40d44419d00f4591ee01e4c66e79e22bcb712ab0bfbadce8d57980000255ca2bd2552dec819a0b77207966692f97e0c07cbcd445c0da39541dbc8e1bd104bfa1edc9adafe895a78d6be5e89ccbe5232c9b80c2240d5ac026e59e882adb2028aeca95611578614d910e73b7189993f95b800d74c31991423456954fad0245691235fbfcb14968441ed41182169c6edf1f59a9a36d7b515b99ff9cb092528e33afecce3cab3ae303ad4450f1442d0b4c2388e83d07a77fc5f3ff2ca21904696754b7b4b3b5742dc87d80831a1f5023bb2d84172b12672f90348c39c96e638707f2f87f1bea3e27fa04419009f211d7dd6e1781275e62935892f422060b115cedc0b70d4046bf6398f301283dae3246ffaa8c9d3a579be1cc787867fe21e102f32ddee5090ec21aaca8ea33e581b36d2f4bee8e8810bf3b567cd5ed2bfe5b9bb6d6efb6da435d6fa585f9a843b6bb7403a0ecaab843fe28fd079cc26bf4df5509edb467fe917ffbd3b4e99144c63db71b118720e44cd062084baaf2c802cb753c909b6dce3e748f10cf29cfefb2dfe030b870f770a9351a933fed9bedd3c07f0fc8f119645ac8cdb569ed9c89d8e2d040dfd1ea72f14058f90412d30a8d8008786f836dc2cf6e7d44b83daf064d498ddf4138fadb813b15aecdb585421cfd866e86c6e2482624935fd59ab129da607364fbe16cfd15b609ddde9a9cc60a0d0b409f4600c09162149e24b60e098f7d517cef0ea783bc2e90a5eac9dbe6034e07948089ad748711c22a8c694283efcb5f669db1a8c8bc864986f291a98cd379ef27e2099ad5f13295dd64002b78df40eb39e0d7f3e36a39961d47437d4510bc2464437430c4895343baeb088089d96dc281d45ede18bd4b5be3a82d6992471b08e3ed67b40c66e6dbda29c4105bf79aac36b94d70b38f18ade32e8cb7ebc0b79f811d811ea759"}]}, 0xc78}, 0x1, 0x0, 0x0, 0x4040080}, 0x800) read$auto(r2, 0x0, 0x7fff) write$auto(0x3, 0x0, 0xfffffdef) kernel console output (not intermixed with test programs): ge_slave_0: entered allmulticast mode [ 92.301650][ T5625] bridge_slave_0: entered promiscuous mode [ 92.312538][ T5626] team0: Port device team_slave_0 added [ 92.340815][ T5625] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.348156][ T5625] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.355340][ T5625] bridge_slave_1: entered allmulticast mode [ 92.363239][ T5625] bridge_slave_1: entered promiscuous mode [ 92.384906][ T5626] team0: Port device team_slave_1 added [ 92.432658][ T5624] bridge0: port 1(bridge_slave_0) entered blocking state [ 92.440121][ T5624] bridge0: port 1(bridge_slave_0) entered disabled state [ 92.447420][ T5624] bridge_slave_0: entered allmulticast mode [ 92.454786][ T5624] bridge_slave_0: entered promiscuous mode [ 92.477455][ T5625] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.497548][ T5624] bridge0: port 2(bridge_slave_1) entered blocking state [ 92.504755][ T5624] bridge0: port 2(bridge_slave_1) entered disabled state [ 92.512071][ T5624] bridge_slave_1: entered allmulticast mode [ 92.519713][ T5624] bridge_slave_1: entered promiscuous mode [ 92.535792][ T5625] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.546341][ T5626] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.553524][ T5626] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.579649][ T5626] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.622770][ T5626] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.629964][ T5626] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.656747][ T5626] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.706852][ T5625] team0: Port device team_slave_0 added [ 92.715830][ T5625] team0: Port device team_slave_1 added [ 92.724504][ T5624] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.761418][ T5624] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.834240][ T5625] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.841539][ T5625] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.867931][ T5625] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.896431][ T5626] hsr_slave_0: entered promiscuous mode [ 92.903057][ T5626] hsr_slave_1: entered promiscuous mode [ 92.909608][ T5626] debugfs: 'hsr0' already exists in 'hsr' [ 92.915430][ T5626] Cannot create hsr debugfs directory [ 92.931017][ T5625] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.938305][ T5625] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.964746][ T5625] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.978626][ T5624] team0: Port device team_slave_0 added [ 92.987078][ T5624] team0: Port device team_slave_1 added [ 93.108449][ T5624] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 93.116204][ T5624] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.142366][ T5624] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 93.160037][ T5625] hsr_slave_0: entered promiscuous mode [ 93.166432][ T5625] hsr_slave_1: entered promiscuous mode [ 93.173260][ T5625] debugfs: 'hsr0' already exists in 'hsr' [ 93.179112][ T5625] Cannot create hsr debugfs directory [ 93.195030][ T5624] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 93.202723][ T5624] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 93.229645][ T5624] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 93.378140][ T5624] hsr_slave_0: entered promiscuous mode [ 93.384551][ T5624] hsr_slave_1: entered promiscuous mode [ 93.391134][ T5624] debugfs: 'hsr0' already exists in 'hsr' [ 93.396880][ T5624] Cannot create hsr debugfs directory [ 93.504456][ T5623] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 93.518729][ T5623] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 93.550721][ T5623] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 93.562035][ T5623] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 93.570941][ T5623] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 93.581633][ T5623] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 93.615707][ T5623] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 93.631744][ T5623] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 93.832650][ T5626] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 93.845399][ T5626] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 93.854207][ T5626] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 93.866083][ T5626] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 93.879868][ T5626] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 93.890979][ T5626] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 93.908993][ T5626] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 93.920354][ T5626] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 94.026055][ T5624] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 94.043221][ T5624] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 94.052489][ T5624] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 94.063459][ T5624] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 94.073065][ T5624] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 94.082773][ T5624] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 94.092689][ T5624] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 94.103951][ T5624] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 94.177006][ T5623] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.207526][ T4943] Bluetooth: hci3: command tx timeout [ 94.213189][ T50] Bluetooth: hci0: command tx timeout [ 94.245035][ T5625] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 94.255590][ T5625] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 94.264861][ T5625] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 94.274792][ T5625] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 94.290700][ T5625] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 94.297664][ T50] Bluetooth: hci1: command tx timeout [ 94.303137][ T4943] Bluetooth: hci2: command tx timeout [ 94.312784][ T5625] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 94.327996][ T5625] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 94.338599][ T5625] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 94.355852][ T5623] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.403078][ T728] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.410684][ T728] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.441815][ T728] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.449077][ T728] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.493981][ T5626] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.542767][ T5626] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.579165][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.586367][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.628739][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.635920][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.669690][ T5624] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.723840][ T5624] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.757041][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.764308][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.807802][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.815028][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.891241][ T5625] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.985372][ T5625] 8021q: adding VLAN 0 to HW filter on device team0 [ 95.022080][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.029344][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 95.073645][ T3320] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.080885][ T3320] bridge0: port 2(bridge_slave_1) entered forwarding state [ 95.838995][ T5623] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.959331][ T5626] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.003538][ T5623] veth0_vlan: entered promiscuous mode [ 96.046118][ T5623] veth1_vlan: entered promiscuous mode [ 96.120336][ T5626] veth0_vlan: entered promiscuous mode [ 96.187057][ T5626] veth1_vlan: entered promiscuous mode [ 96.218006][ T5623] veth0_macvtap: entered promiscuous mode [ 96.236862][ T5624] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.254954][ T5623] veth1_macvtap: entered promiscuous mode [ 96.288649][ T4943] Bluetooth: hci0: command tx timeout [ 96.289043][ T50] Bluetooth: hci3: command tx timeout [ 96.313881][ T5625] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 96.331711][ T5623] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.368009][ T50] Bluetooth: hci1: command tx timeout [ 96.369098][ T4943] Bluetooth: hci2: command tx timeout [ 96.380211][ T5623] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.393718][ T5626] veth0_macvtap: entered promiscuous mode [ 96.424771][ T113] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.434187][ T113] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.446571][ T5626] veth1_macvtap: entered promiscuous mode [ 96.462608][ T113] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.472538][ T113] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.513431][ T5624] veth0_vlan: entered promiscuous mode [ 96.563662][ T5624] veth1_vlan: entered promiscuous mode [ 96.584065][ T5626] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.614158][ T5626] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.660407][ T5625] veth0_vlan: entered promiscuous mode [ 96.684742][ T113] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.693823][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.693903][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.713998][ T113] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.742515][ T113] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.752357][ T113] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.798362][ T5625] veth1_vlan: entered promiscuous mode [ 96.836938][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.845342][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.850386][ T5624] veth0_macvtap: entered promiscuous mode [ 96.900019][ T5624] veth1_macvtap: entered promiscuous mode [ 96.980491][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.991583][ T5625] veth0_macvtap: entered promiscuous mode [ 97.000300][ T5623] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 97.019343][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.040684][ T5625] veth1_macvtap: entered promiscuous mode [ 97.055119][ T5624] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.112615][ T1682] cfg80211: failed to load regulatory.db [ 97.124736][ T5624] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.185563][ T113] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.196403][ T113] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.207174][ T71] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.217253][ T71] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.236391][ T71] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.265926][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.298023][ T5625] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 97.361086][ T5625] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 97.417037][ T728] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.438757][ T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.485668][ T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.509093][ T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 97.622140][ T113] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.633448][ T5782] netlink: 'syz.0.1': attribute type 8 has an invalid length. [ 97.643993][ T113] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.668586][ T5782] Zero length message leads to an empty skb [ 97.832708][ T71] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.865973][ T71] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.943634][ T71] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.976340][ T71] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.001111][ T5787] capability: warning: `syz.0.6' uses 32-bit capabilities (legacy support in use) [ 98.074426][ T3320] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.100301][ T3320] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 98.215185][ T4943] Bluetooth: hci1: unexpected subevent 0x18 length: 0 < 19 [ 98.369521][ T4943] Bluetooth: hci0: command tx timeout [ 98.369533][ T50] Bluetooth: hci3: command tx timeout [ 98.447492][ T4943] Bluetooth: hci2: command tx timeout [ 98.452362][ T50] Bluetooth: hci1: command tx timeout [ 99.106508][ T5808] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 99.998156][ T5819] netlink: 'syz.0.14': attribute type 1 has an invalid length. [ 100.015409][ T5819] netlink: 'syz.0.14': attribute type 6 has an invalid length. [ 100.315029][ T29] audit: type=1804 audit(1777926061.244:2): pid=5821 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.15" name="/newroot/4/file0" dev="tmpfs" ino=39 res=1 errno=0 [ 100.506951][ T5826] netlink: 252 bytes leftover after parsing attributes in process `syz.1.16'. [ 100.762257][ T5833] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 100.837649][ T5834] netlink: 342 bytes leftover after parsing attributes in process `syz.1.19'. [ 100.870680][ T5829] netlink: 'syz.2.17': attribute type 29 has an invalid length. [ 100.885590][ T5829] netlink: 46 bytes leftover after parsing attributes in process `syz.2.17'. [ 103.562980][ T5899] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 104.000168][ T5908] zswap: compressor not available [ 104.032986][ T5910] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead. [ 104.780797][ T5932] sd 0:0:1:0: device reset [ 105.811133][ T5952] netlink: 186 bytes leftover after parsing attributes in process `syz.0.60'. [ 105.851800][ T5952] netlink: 186 bytes leftover after parsing attributes in process `syz.0.60'. [ 106.590143][ T50] Bluetooth: hci2: unexpected event 0x3e length: 508 > 260 [ 106.590183][ T50] Bluetooth: hci2: unexpected subevent 0x02 length: 507 > 260 [ 106.605186][ T50] Bluetooth: hci2: Dropping invalid advertising data [ 106.613154][ T50] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 110.881287][ T6030] FAULT_INJECTION: forcing a failure. [ 110.881287][ T6030] name failslab, interval 1, probability 0, space 0, times 1 [ 110.937590][ T6030] CPU: 0 UID: 0 PID: 6030 Comm: syz.1.85 Not tainted syzkaller #0 PREEMPT(full) [ 110.937639][ T6030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 110.937665][ T6030] Call Trace: [ 110.937674][ T6030] [ 110.937685][ T6030] dump_stack_lvl+0x100/0x190 [ 110.937728][ T6030] should_fail_ex.cold+0x5/0xa [ 110.937766][ T6030] should_failslab+0xc2/0x120 [ 110.937799][ T6030] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 110.937854][ T6030] ? security_inode_alloc+0x3b/0x2c0 [ 110.937899][ T6030] ? lockdep_init_map_type+0x5c/0x250 [ 110.937932][ T6030] security_inode_alloc+0x3b/0x2c0 [ 110.937977][ T6030] inode_init_always_gfp+0xcc0/0x1000 [ 110.938017][ T6030] alloc_inode+0x8e/0x250 [ 110.938076][ T6030] new_inode+0x22/0x1c0 [ 110.938122][ T6030] shmem_get_inode+0x1e3/0xfb0 [ 110.938165][ T6030] ? __pfx_shmem_get_inode+0x10/0x10 [ 110.938214][ T6030] __shmem_file_setup+0x382/0x460 [ 110.938255][ T6030] ? __pfx___shmem_file_setup+0x10/0x10 [ 110.938298][ T6030] ? vm_area_alloc+0x1f/0x160 [ 110.938342][ T6030] shmem_zero_setup+0x96/0x1b0 [ 110.938373][ T6030] __mmap_region+0x24e9/0x2da0 [ 110.938423][ T6030] ? __pfx___mmap_region+0x10/0x10 [ 110.938494][ T6030] ? do_raw_spin_lock+0x128/0x260 [ 110.938549][ T6030] ? do_raw_spin_lock+0x128/0x260 [ 110.938581][ T6030] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 110.938640][ T6030] ? hrtimer_start_range_ns+0x860/0x1a50 [ 110.938678][ T6030] ? find_held_lock+0x2b/0x80 [ 110.938714][ T6030] ? finish_task_switch.isra.0+0x2c6/0x1010 [ 110.938812][ T6030] mmap_region+0x35d/0x620 [ 110.938840][ T6030] ? rcu_is_watching+0x12/0xc0 [ 110.938874][ T6030] ? __pfx_mmap_region+0x10/0x10 [ 110.938905][ T6030] ? cap_mmap_addr+0x4b/0x120 [ 110.938951][ T6030] ? bpf_lsm_mmap_addr+0x9/0x30 [ 110.938983][ T6030] ? security_mmap_addr+0x71/0x1e0 [ 110.939027][ T6030] ? __get_unmapped_area+0x255/0x3e0 [ 110.939076][ T6030] do_mmap+0xc63/0x12f0 [ 110.939126][ T6030] ? __pfx_do_mmap+0x10/0x10 [ 110.939167][ T6030] ? __pfx_down_write_killable+0x10/0x10 [ 110.939229][ T6030] vm_mmap_pgoff+0x29e/0x470 [ 110.939280][ T6030] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 110.939327][ T6030] ? do_futex+0x192/0x350 [ 110.939366][ T6030] ? __pfx_do_futex+0x10/0x10 [ 110.939411][ T6030] ksys_mmap_pgoff+0xe4/0x610 [ 110.939462][ T6030] ? __x64_sys_futex+0x358/0x4d0 [ 110.939518][ T6030] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 110.939558][ T6030] ? xfd_validate_state+0x129/0x190 [ 110.939591][ T6030] ? ksys_write+0x1ac/0x250 [ 110.939646][ T6030] __x64_sys_mmap+0x125/0x190 [ 110.939689][ T6030] do_syscall_64+0x10b/0xf80 [ 110.939732][ T6030] ? clear_bhb_loop+0x40/0x90 [ 110.939786][ T6030] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.939820][ T6030] RIP: 0033:0x7fd59459cdd9 [ 110.939847][ T6030] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 110.939880][ T6030] RSP: 002b:00007fd5953a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 110.939912][ T6030] RAX: ffffffffffffffda RBX: 00007fd594815fa0 RCX: 00007fd59459cdd9 [ 110.939934][ T6030] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000000 [ 110.939953][ T6030] RBP: 00007fd594632d69 R08: fffffffffffffffa R09: 0000000000008000 [ 110.939972][ T6030] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 110.939991][ T6030] R13: 00007fd594816038 R14: 00007fd594815fa0 R15: 00007ffd8e9cd888 [ 110.940032][ T6030] [ 111.313218][ T6032] FAULT_INJECTION: forcing a failure. [ 111.313218][ T6032] name failslab, interval 1, probability 0, space 0, times 1 [ 111.328231][ T6032] CPU: 0 UID: 0 PID: 6032 Comm: syz.2.84 Not tainted syzkaller #0 PREEMPT(full) [ 111.328275][ T6032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 111.328295][ T6032] Call Trace: [ 111.328305][ T6032] [ 111.328318][ T6032] dump_stack_lvl+0x100/0x190 [ 111.328361][ T6032] should_fail_ex.cold+0x5/0xa [ 111.328404][ T6032] should_failslab+0xc2/0x120 [ 111.328444][ T6032] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 111.328496][ T6032] ? acpi_ps_alloc_op+0x29d/0x360 [ 111.328556][ T6032] acpi_ps_alloc_op+0x29d/0x360 [ 111.328596][ T6032] ? acpi_ut_status_exit+0x111/0x1c0 [ 111.328642][ T6032] acpi_ps_create_op+0x4b3/0xd10 [ 111.328683][ T6032] ? __pfx_acpi_ps_create_op+0x10/0x10 [ 111.328722][ T6032] ? __pfx_acpi_ut_trace_ptr+0x10/0x10 [ 111.328763][ T6032] ? acpi_ut_value_exit+0x10d/0x190 [ 111.328812][ T6032] acpi_ps_parse_loop+0xa65/0x24a0 [ 111.328854][ T6032] ? __kmalloc_noprof+0x320/0x850 [ 111.328912][ T6032] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 111.328949][ T6032] ? acpi_ut_status_exit+0x111/0x1c0 [ 111.328993][ T6032] ? acpi_ds_call_control_method+0x435/0xab0 [ 111.329055][ T6032] acpi_ps_parse_aml+0x81e/0x1120 [ 111.329102][ T6032] acpi_ps_execute_method+0x5c4/0xe90 [ 111.329155][ T6032] acpi_ns_evaluate+0x640/0x1670 [ 111.329211][ T6032] acpi_evaluate_object+0x420/0xe00 [ 111.329243][ T6032] ? kasan_save_stack+0x30/0x50 [ 111.329272][ T6032] ? kasan_save_track+0x14/0x30 [ 111.329300][ T6032] ? __kasan_kmalloc+0xaa/0xb0 [ 111.329322][ T6032] ? __kvmalloc_node_noprof+0x360/0xa00 [ 111.329351][ T6032] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 111.329375][ T6032] ? lock_acquire+0x1b1/0x370 [ 111.329408][ T6032] acpi_evaluate_integer+0xdf/0x220 [ 111.329450][ T6032] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 111.329518][ T6032] ? __pfx_status_show+0x10/0x10 [ 111.329547][ T6032] status_show+0xa0/0x120 [ 111.329576][ T6032] ? __pfx_status_show+0x10/0x10 [ 111.329616][ T6032] dev_attr_show+0x52/0xa0 [ 111.329657][ T6032] ? __pfx_dev_attr_show+0x10/0x10 [ 111.329696][ T6032] sysfs_kf_seq_show+0x217/0x3a0 [ 111.329755][ T6032] seq_read_iter+0x32f/0x1270 [ 111.329790][ T6032] ? lock_acquire+0x1b1/0x370 [ 111.329835][ T6032] kernfs_fop_read_iter+0x46c/0x610 [ 111.329882][ T6032] ? rw_verify_area+0xce/0x6d0 [ 111.329912][ T6032] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 111.329963][ T6032] vfs_read+0x825/0xb30 [ 111.330006][ T6032] ? __pfx_vfs_read+0x10/0x10 [ 111.330070][ T6032] ksys_read+0x12a/0x250 [ 111.330107][ T6032] ? __pfx_ksys_read+0x10/0x10 [ 111.330146][ T6032] ? rcu_is_watching+0x12/0xc0 [ 111.330190][ T6032] do_syscall_64+0x10b/0xf80 [ 111.330233][ T6032] ? clear_bhb_loop+0x40/0x90 [ 111.330290][ T6032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.330323][ T6032] RIP: 0033:0x7fbe0af9cdd9 [ 111.330352][ T6032] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 111.330384][ T6032] RSP: 002b:00007fbe0bed8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 111.330416][ T6032] RAX: ffffffffffffffda RBX: 00007fbe0b215fa0 RCX: 00007fbe0af9cdd9 [ 111.330437][ T6032] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000004 [ 111.330455][ T6032] RBP: 00007fbe0b032d69 R08: 0000000000000000 R09: 0000000000000000 [ 111.330473][ T6032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 111.330492][ T6032] R13: 00007fbe0b216038 R14: 00007fbe0b215fa0 R15: 00007ffd25856948 [ 111.330547][ T6032] [ 111.331218][ T6032] ACPI Error: Aborting method \_SB.IQST due to previous error (AE_NO_MEMORY) (20251212/psparse-529) [ 111.886588][ T6032] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20251212/psparse-529) [ 112.707249][ T29] audit: type=1800 audit(1777926073.634:3): pid=6052 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.90" name="dummy_udc" dev="gadgetfs" ino=7375 res=0 errno=0 [ 113.155291][ T50] Bluetooth: hci3: unexpected event 0x09 length: 435 > 3 [ 113.420853][ T6065] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 115.024261][ T6092] netlink: 98 bytes leftover after parsing attributes in process `syz.0.103'. [ 115.061791][ T6092] netlink: 50 bytes leftover after parsing attributes in process `syz.0.103'. [ 115.792612][ T6077] kexec: Could not allocate control_code_buffer [ 116.493784][ T6117] FAULT_INJECTION: forcing a failure. [ 116.493784][ T6117] name failslab, interval 1, probability 0, space 0, times 0 [ 116.529158][ T6117] CPU: 1 UID: 0 PID: 6117 Comm: syz.1.112 Not tainted syzkaller #0 PREEMPT(full) [ 116.529204][ T6117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 116.529227][ T6117] Call Trace: [ 116.529238][ T6117] [ 116.529256][ T6117] dump_stack_lvl+0x100/0x190 [ 116.529313][ T6117] should_fail_ex.cold+0x5/0xa [ 116.529366][ T6117] should_failslab+0xc2/0x120 [ 116.529407][ T6117] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 116.529461][ T6117] ? __kernfs_new_node+0xd2/0x9f0 [ 116.529498][ T6117] ? kstrdup+0xb3/0xe0 [ 116.529537][ T6117] __kernfs_new_node+0xd2/0x9f0 [ 116.529580][ T6117] ? __pfx___kernfs_new_node+0x10/0x10 [ 116.529626][ T6117] ? find_held_lock+0x2b/0x80 [ 116.529669][ T6117] ? kernfs_root+0xee/0x2a0 [ 116.529703][ T6117] ? kernfs_root+0xee/0x2a0 [ 116.529747][ T6117] kernfs_new_node+0x11b/0x1a0 [ 116.529797][ T6117] __kernfs_create_file+0x53/0x350 [ 116.529854][ T6117] cgroup_addrm_files+0x4ef/0xdb0 [ 116.529928][ T6117] ? __pfx_cgroup_addrm_files+0x10/0x10 [ 116.529980][ T6117] ? find_held_lock+0x2b/0x80 [ 116.530043][ T6117] ? _raw_spin_unlock+0x28/0x50 [ 116.530080][ T6117] ? xa_store+0x3f/0x50 [ 116.530129][ T6117] ? mem_cgroup_css_online+0x39b/0xbf0 [ 116.530186][ T6117] css_populate_dir+0x161/0x590 [ 116.530224][ T6117] cgroup_apply_control_enable+0x441/0xdd0 [ 116.530287][ T6117] cgroup_mkdir+0x59c/0x1310 [ 116.530349][ T6117] ? __pfx_cgroup_mkdir+0x10/0x10 [ 116.530400][ T6117] kernfs_iop_mkdir+0x111/0x190 [ 116.530453][ T6117] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 116.530506][ T6117] vfs_mkdir+0x361/0x850 [ 116.530567][ T6117] filename_mkdirat+0x48b/0x5e0 [ 116.530616][ T6117] ? __pfx_filename_mkdirat+0x10/0x10 [ 116.530661][ T6117] ? strncpy_from_user+0x19d/0x2d0 [ 116.530698][ T6117] ? do_getname+0x191/0x390 [ 116.530749][ T6117] __x64_sys_mkdir+0x6b/0x90 [ 116.530792][ T6117] do_syscall_64+0x10b/0xf80 [ 116.530832][ T6117] ? clear_bhb_loop+0x40/0x90 [ 116.530872][ T6117] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.530905][ T6117] RIP: 0033:0x7fd59459cdd9 [ 116.530940][ T6117] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 116.530971][ T6117] RSP: 002b:00007fd5953a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 116.531003][ T6117] RAX: ffffffffffffffda RBX: 00007fd594815fa0 RCX: 00007fd59459cdd9 [ 116.531025][ T6117] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000 [ 116.531046][ T6117] RBP: 00007fd594632d69 R08: 0000000000000000 R09: 0000000000000000 [ 116.531066][ T6117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 116.531086][ T6117] R13: 00007fd594816038 R14: 00007fd594815fa0 R15: 00007ffd8e9cd888 [ 116.531128][ T6117] [ 116.827320][ T6117] cgroup: cgroup_addrm_files: failed to add kmem.max_usage_in_bytes, err=-12 [ 117.045273][ T6120] ptp ptp0: new virtual clock ptp1 [ 117.082236][ T6120] ptp ptp0: guarantee physical clock free running [ 117.132957][ T6122] ptp ptp0: delete virtual clock ptp1 [ 117.200350][ T6122] ptp ptp0: only physical clock in use now [ 117.736325][ T6134] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 119.580197][ T6172] bonding: unable to delete non-existent ) [ 121.862128][ T6215] netlink: 338 bytes leftover after parsing attributes in process `syz.0.142'. [ 125.724951][ T6288] FAULT_INJECTION: forcing a failure. [ 125.724951][ T6288] name failslab, interval 1, probability 0, space 0, times 0 [ 125.739911][ T6288] CPU: 0 UID: 0 PID: 6288 Comm: syz.2.166 Not tainted syzkaller #0 PREEMPT(full) [ 125.739952][ T6288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 125.739971][ T6288] Call Trace: [ 125.739981][ T6288] [ 125.739993][ T6288] dump_stack_lvl+0x100/0x190 [ 125.740034][ T6288] should_fail_ex.cold+0x5/0xa [ 125.740074][ T6288] should_failslab+0xc2/0x120 [ 125.740111][ T6288] __kvmalloc_node_noprof+0xfa/0xa00 [ 125.740142][ T6288] ? __do_sys_setgroups+0x126/0x4f0 [ 125.740182][ T6288] __do_sys_setgroups+0x126/0x4f0 [ 125.740213][ T6288] ? 0xffffffffff600000 [ 125.740242][ T6288] do_syscall_64+0x10b/0xf80 [ 125.740291][ T6288] ? clear_bhb_loop+0x40/0x90 [ 125.740330][ T6288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.740363][ T6288] RIP: 0033:0x7fbe0af9cdd9 [ 125.740387][ T6288] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 125.740420][ T6288] RSP: 002b:00007fbe0bed8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000074 [ 125.740449][ T6288] RAX: ffffffffffffffda RBX: 00007fbe0b215fa0 RCX: 00007fbe0af9cdd9 [ 125.740469][ T6288] RDX: 0000000000000000 RSI: ffffffffff600000 RDI: 0000000c00000000 [ 125.740487][ T6288] RBP: 00007fbe0b032d69 R08: 0000000000000000 R09: 0000000000000000 [ 125.740506][ T6288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 125.740523][ T6288] R13: 00007fbe0b216038 R14: 00007fbe0b215fa0 R15: 00007ffd25856948 [ 125.740553][ T6288] ? 0xffffffffff600000 [ 125.740582][ T6288] [ 126.156165][ T6295] FAULT_INJECTION: forcing a failure. [ 126.156165][ T6295] name failslab, interval 1, probability 0, space 0, times 0 [ 126.188986][ T6295] CPU: 0 UID: 0 PID: 6295 Comm: syz.0.167 Not tainted syzkaller #0 PREEMPT(full) [ 126.189030][ T6295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 126.189050][ T6295] Call Trace: [ 126.189060][ T6295] [ 126.189071][ T6295] dump_stack_lvl+0x100/0x190 [ 126.189115][ T6295] should_fail_ex.cold+0x5/0xa [ 126.189160][ T6295] should_failslab+0xc2/0x120 [ 126.189228][ T6295] __kmalloc_cache_noprof+0x7a/0x6f0 [ 126.189277][ T6295] ? snd_rawmidi_open+0x3b3/0xba0 [ 126.189308][ T6295] ? _raw_spin_unlock+0x28/0x50 [ 126.189358][ T6295] ? snd_card_file_add+0x257/0x330 [ 126.189412][ T6295] snd_rawmidi_open+0x3b3/0xba0 [ 126.189452][ T6295] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 126.189492][ T6295] ? do_raw_spin_lock+0x128/0x260 [ 126.189560][ T6295] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 126.189593][ T6295] snd_open+0x201/0x450 [ 126.189640][ T6295] ? __pfx_snd_open+0x10/0x10 [ 126.189684][ T6295] chrdev_open+0x234/0x6a0 [ 126.189727][ T6295] ? __pfx_chrdev_open+0x10/0x10 [ 126.189776][ T6295] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 126.189829][ T6295] do_dentry_open+0x6d8/0x1660 [ 126.189868][ T6295] ? __pfx_chrdev_open+0x10/0x10 [ 126.189919][ T6295] vfs_open+0x82/0x3f0 [ 126.189973][ T6295] path_openat+0x208c/0x31a0 [ 126.190030][ T6295] ? __pfx_path_openat+0x10/0x10 [ 126.190088][ T6295] do_file_open+0x20e/0x430 [ 126.190134][ T6295] ? __pfx_do_file_open+0x10/0x10 [ 126.190212][ T6295] ? alloc_fd+0x476/0x790 [ 126.190257][ T6295] ? do_getname+0x191/0x390 [ 126.190312][ T6295] do_sys_openat2+0x10d/0x1e0 [ 126.190365][ T6295] ? __pfx_do_sys_openat2+0x10/0x10 [ 126.190421][ T6295] ? __might_fault+0xc5/0x140 [ 126.190482][ T6295] __x64_sys_openat+0x12d/0x210 [ 126.190536][ T6295] ? __pfx___x64_sys_openat+0x10/0x10 [ 126.190598][ T6295] ? rcu_is_watching+0x12/0xc0 [ 126.190645][ T6295] do_syscall_64+0x10b/0xf80 [ 126.190689][ T6295] ? clear_bhb_loop+0x40/0x90 [ 126.190743][ T6295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.190777][ T6295] RIP: 0033:0x7fb785b9cdd9 [ 126.190803][ T6295] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 126.190834][ T6295] RSP: 002b:00007fb786af3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 126.190865][ T6295] RAX: ffffffffffffffda RBX: 00007fb785e15fa0 RCX: 00007fb785b9cdd9 [ 126.190885][ T6295] RDX: 000000000000a003 RSI: 0000200000000340 RDI: ffffffffffffff9c [ 126.190906][ T6295] RBP: 00007fb785c32d69 R08: 0000000000000000 R09: 0000000000000000 [ 126.190925][ T6295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 126.190944][ T6295] R13: 00007fb785e16038 R14: 00007fb785e15fa0 R15: 00007ffd8e982748 [ 126.190985][ T6295] [ 126.542674][ T6298] binder: 6289:6298 ioctl 5411 38 returned -22 [ 126.986496][ T6306] netlink: 62 bytes leftover after parsing attributes in process `syz.0.172'. [ 128.040462][ T6323] netlink: 330 bytes leftover after parsing attributes in process `syz.1.177'. [ 128.468883][ T6333] FAULT_INJECTION: forcing a failure. [ 128.468883][ T6333] name failslab, interval 1, probability 0, space 0, times 0 [ 128.504421][ T6333] CPU: 0 UID: 0 PID: 6333 Comm: syz.2.182 Not tainted syzkaller #0 PREEMPT(full) [ 128.504462][ T6333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 128.504480][ T6333] Call Trace: [ 128.504490][ T6333] [ 128.504501][ T6333] dump_stack_lvl+0x100/0x190 [ 128.504541][ T6333] should_fail_ex.cold+0x5/0xa [ 128.504580][ T6333] ? realloc_user_queue+0xe9/0x310 [ 128.504625][ T6333] should_failslab+0xc2/0x120 [ 128.504662][ T6333] __kmalloc_noprof+0xe0/0x850 [ 128.504719][ T6333] realloc_user_queue+0xe9/0x310 [ 128.504768][ T6333] ? __pfx_snd_timer_user_open+0x10/0x10 [ 128.504820][ T6333] snd_timer_user_open+0xfc/0x180 [ 128.504867][ T6333] snd_open+0x201/0x450 [ 128.504909][ T6333] ? __pfx_snd_open+0x10/0x10 [ 128.504947][ T6333] chrdev_open+0x234/0x6a0 [ 128.504987][ T6333] ? __pfx_chrdev_open+0x10/0x10 [ 128.505036][ T6333] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 128.505085][ T6333] do_dentry_open+0x6d8/0x1660 [ 128.505121][ T6333] ? __pfx_chrdev_open+0x10/0x10 [ 128.505167][ T6333] vfs_open+0x82/0x3f0 [ 128.505216][ T6333] path_openat+0x208c/0x31a0 [ 128.505267][ T6333] ? __pfx_path_openat+0x10/0x10 [ 128.505318][ T6333] do_file_open+0x20e/0x430 [ 128.505360][ T6333] ? __pfx_do_file_open+0x10/0x10 [ 128.505422][ T6333] ? alloc_fd+0x476/0x790 [ 128.505463][ T6333] ? do_getname+0x191/0x390 [ 128.505510][ T6333] do_sys_openat2+0x10d/0x1e0 [ 128.505556][ T6333] ? __pfx_do_sys_openat2+0x10/0x10 [ 128.505615][ T6333] __x64_sys_openat+0x12d/0x210 [ 128.505664][ T6333] ? __pfx___x64_sys_openat+0x10/0x10 [ 128.505709][ T6333] ? ksys_read+0x1ac/0x250 [ 128.505748][ T6333] ? rcu_is_watching+0x12/0xc0 [ 128.505791][ T6333] do_syscall_64+0x10b/0xf80 [ 128.505829][ T6333] ? clear_bhb_loop+0x40/0x90 [ 128.505866][ T6333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.505897][ T6333] RIP: 0033:0x7fbe0af9cdd9 [ 128.505940][ T6333] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 128.505971][ T6333] RSP: 002b:00007fbe0bed8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 128.506012][ T6333] RAX: ffffffffffffffda RBX: 00007fbe0b215fa0 RCX: 00007fbe0af9cdd9 [ 128.506032][ T6333] RDX: 0000000000101800 RSI: 00002000000009c0 RDI: ffffffffffffff9c [ 128.506052][ T6333] RBP: 00007fbe0b032d69 R08: 0000000000000000 R09: 0000000000000000 [ 128.506070][ T6333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.506087][ T6333] R13: 00007fbe0b216038 R14: 00007fbe0b215fa0 R15: 00007ffd25856948 [ 128.506126][ T6333] [ 129.347193][ T6348] random: crng reseeded on system resumption [ 129.362840][ T6338] zswap: compressor not available [ 132.262924][ T6396] FAULT_INJECTION: forcing a failure. [ 132.262924][ T6396] name failslab, interval 1, probability 0, space 0, times 0 [ 132.280449][ T6396] CPU: 1 UID: 0 PID: 6396 Comm: syz.1.198 Not tainted syzkaller #0 PREEMPT(full) [ 132.280496][ T6396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 132.280517][ T6396] Call Trace: [ 132.280528][ T6396] [ 132.280541][ T6396] dump_stack_lvl+0x100/0x190 [ 132.280586][ T6396] should_fail_ex.cold+0x5/0xa [ 132.280631][ T6396] should_failslab+0xc2/0x120 [ 132.280669][ T6396] __kmalloc_cache_noprof+0x7a/0x6f0 [ 132.280728][ T6396] ? kernfs_fop_open+0x23d/0xd50 [ 132.280781][ T6396] kernfs_fop_open+0x23d/0xd50 [ 132.280836][ T6396] do_dentry_open+0x6d8/0x1660 [ 132.280873][ T6396] ? __pfx_kernfs_fop_open+0x10/0x10 [ 132.280927][ T6396] vfs_open+0x82/0x3f0 [ 132.280983][ T6396] path_openat+0x208c/0x31a0 [ 132.281034][ T6396] ? __pfx_path_openat+0x10/0x10 [ 132.281088][ T6396] do_file_open+0x20e/0x430 [ 132.281130][ T6396] ? __pfx_do_file_open+0x10/0x10 [ 132.281197][ T6396] ? alloc_fd+0x476/0x790 [ 132.281235][ T6396] ? do_getname+0x191/0x390 [ 132.281285][ T6396] do_sys_openat2+0x10d/0x1e0 [ 132.281333][ T6396] ? __pfx_do_sys_openat2+0x10/0x10 [ 132.281382][ T6396] ? __might_fault+0xc5/0x140 [ 132.281459][ T6396] __x64_sys_openat+0x12d/0x210 [ 132.281513][ T6396] ? __pfx___x64_sys_openat+0x10/0x10 [ 132.281573][ T6396] ? rcu_is_watching+0x12/0xc0 [ 132.281618][ T6396] do_syscall_64+0x10b/0xf80 [ 132.281660][ T6396] ? clear_bhb_loop+0x40/0x90 [ 132.281701][ T6396] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.281735][ T6396] RIP: 0033:0x7fd59459cdd9 [ 132.281762][ T6396] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 132.281793][ T6396] RSP: 002b:00007fd5953a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 132.281825][ T6396] RAX: ffffffffffffffda RBX: 00007fd594815fa0 RCX: 00007fd59459cdd9 [ 132.281846][ T6396] RDX: 0000000000149b01 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 132.281866][ T6396] RBP: 00007fd594632d69 R08: 0000000000000000 R09: 0000000000000000 [ 132.281885][ T6396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 132.281903][ T6396] R13: 00007fd594816038 R14: 00007fd594815fa0 R15: 00007ffd8e9cd888 [ 132.281950][ T6396] [ 132.736310][ T6398] netlink: 28 bytes leftover after parsing attributes in process `syz.1.199'. [ 132.794374][ T6398] bridge_slave_1: left allmulticast mode [ 132.800393][ T6398] bridge_slave_1: left promiscuous mode [ 132.810068][ T6398] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.830881][ T29] audit: type=1800 audit(1777926093.734:4): pid=6403 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.201" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 132.919409][ T6398] bridge_slave_0: left allmulticast mode [ 132.930845][ T1312] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.935548][ T6398] bridge_slave_0: left promiscuous mode [ 132.939115][ T1312] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.990045][ T6398] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.183252][ T6402] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 133.205864][ T6402] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 133.282857][ T6402] FAULT_INJECTION: forcing a failure. [ 133.282857][ T6402] name failslab, interval 1, probability 0, space 0, times 0 [ 133.307474][ T6402] CPU: 1 UID: 0 PID: 6402 Comm: syz.2.200 Not tainted syzkaller #0 PREEMPT(full) [ 133.307518][ T6402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 133.307539][ T6402] Call Trace: [ 133.307550][ T6402] [ 133.307563][ T6402] dump_stack_lvl+0x100/0x190 [ 133.307615][ T6402] should_fail_ex.cold+0x5/0xa [ 133.307661][ T6402] should_failslab+0xc2/0x120 [ 133.307702][ T6402] __kmalloc_cache_noprof+0x7a/0x6f0 [ 133.307752][ T6402] ? kobject_uevent_env+0x263/0x18b0 [ 133.307796][ T6402] kobject_uevent_env+0x263/0x18b0 [ 133.307837][ T6402] ? bus_to_subsys+0x114/0x150 [ 133.307904][ T6402] device_del+0x605/0x9b0 [ 133.307943][ T6402] ? __pfx_device_del+0x10/0x10 [ 133.307979][ T6402] ? __pfx_device_find_child+0x10/0x10 [ 133.308031][ T6402] ? __pfx_wait_rcu_exp_gp+0x10/0x10 [ 133.308069][ T6402] device_unregister+0x1d/0xe0 [ 133.308102][ T6402] hci_conn_del_sysfs+0xb9/0x1a0 [ 133.308151][ T6402] hci_conn_del+0x506/0x1180 [ 133.308204][ T6402] hci_abort_conn_sync+0x7d9/0xb20 [ 133.308262][ T6402] ? __pfx_hci_abort_conn_sync+0x10/0x10 [ 133.308318][ T6402] ? find_held_lock+0x2b/0x80 [ 133.308361][ T6402] ? hci_disconnect_all_sync.constprop.0.isra.0+0xbe/0x430 [ 133.308413][ T6402] ? hci_disconnect_all_sync.constprop.0.isra.0+0xbe/0x430 [ 133.308475][ T6402] ? hci_disconnect_all_sync.constprop.0.isra.0+0xbe/0x430 [ 133.308527][ T6402] hci_disconnect_all_sync.constprop.0.isra.0+0x155/0x430 [ 133.308582][ T6402] ? __pfx_hci_disconnect_all_sync.constprop.0.isra.0+0x10/0x10 [ 133.308647][ T6402] ? __hci_cmd_sync_status_sk+0xe4/0x190 [ 133.308703][ T6402] hci_suspend_sync+0x8b7/0xa70 [ 133.308738][ T6402] ? __pfx_hci_suspend_sync+0x10/0x10 [ 133.308771][ T6402] ? mgmt_pending_find+0x13e/0x1a0 [ 133.308819][ T6402] hci_suspend_dev+0x31d/0x540 [ 133.308860][ T6402] ? __pfx_hci_suspend_dev+0x10/0x10 [ 133.308898][ T6402] ? rcu_barrier+0x330/0x6d0 [ 133.308951][ T6402] ? kobject_get+0xbb/0x150 [ 133.308994][ T6402] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 133.309046][ T6402] hci_suspend_notifier+0x21e/0x330 [ 133.309091][ T6402] notifier_call_chain+0x99/0x400 [ 133.309162][ T6402] blocking_notifier_call_chain_robust+0xc8/0x160 [ 133.309217][ T6402] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 133.309282][ T6402] pm_notifier_call_chain_robust+0x27/0x60 [ 133.309314][ T6402] snapshot_open+0x189/0x2a0 [ 133.309359][ T6402] ? __pfx_snapshot_open+0x10/0x10 [ 133.309407][ T6402] misc_open+0x26d/0x450 [ 133.309445][ T6402] ? __pfx_misc_open+0x10/0x10 [ 133.309481][ T6402] chrdev_open+0x234/0x6a0 [ 133.309519][ T6402] ? __pfx_apparmor_file_open+0x10/0x10 [ 133.309569][ T6402] ? __pfx_chrdev_open+0x10/0x10 [ 133.309639][ T6402] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 133.309692][ T6402] do_dentry_open+0x6d8/0x1660 [ 133.309731][ T6402] ? __pfx_chrdev_open+0x10/0x10 [ 133.309783][ T6402] vfs_open+0x82/0x3f0 [ 133.309836][ T6402] path_openat+0x208c/0x31a0 [ 133.309891][ T6402] ? __pfx_path_openat+0x10/0x10 [ 133.309946][ T6402] do_file_open+0x20e/0x430 [ 133.309990][ T6402] ? __pfx_do_file_open+0x10/0x10 [ 133.310059][ T6402] ? alloc_fd+0x476/0x790 [ 133.310103][ T6402] ? do_getname+0x191/0x390 [ 133.310155][ T6402] do_sys_openat2+0x10d/0x1e0 [ 133.310204][ T6402] ? __pfx_do_sys_openat2+0x10/0x10 [ 133.310258][ T6402] ? __fget_files+0x21f/0x3d0 [ 133.310305][ T6402] __x64_sys_openat+0x12d/0x210 [ 133.310357][ T6402] ? __pfx___x64_sys_openat+0x10/0x10 [ 133.310416][ T6402] ? rcu_is_watching+0x12/0xc0 [ 133.310460][ T6402] do_syscall_64+0x10b/0xf80 [ 133.310503][ T6402] ? clear_bhb_loop+0x40/0x90 [ 133.310544][ T6402] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.310578][ T6402] RIP: 0033:0x7fbe0af9cdd9 [ 133.310615][ T6402] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 133.310647][ T6402] RSP: 002b:00007fbe0bed8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 133.310678][ T6402] RAX: ffffffffffffffda RBX: 00007fbe0b215fa0 RCX: 00007fbe0af9cdd9 [ 133.310699][ T6402] RDX: 0000000000000400 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 133.310720][ T6402] RBP: 00007fbe0b032d69 R08: 0000000000000000 R09: 0000000000000000 [ 133.310739][ T6402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 133.310757][ T6402] R13: 00007fbe0b216038 R14: 00007fbe0b215fa0 R15: 00007ffd25856948 [ 133.310800][ T6402] [ 133.776733][ T6402] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 133.825997][ T6402] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 133.857412][ T6402] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 133.915677][ T6402] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 133.965052][ T6402] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 134.005259][ T6402] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 134.040156][ T6402] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 134.058046][ T6402] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 134.092168][ T6402] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 134.123503][ T6402] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 134.244844][ T6408] random: crng reseeded on system resumption [ 134.759710][ T6432] input: jJǸ-¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input5 [ 134.772499][ T6429] netlink: 138 bytes leftover after parsing attributes in process `syz.1.209'. [ 135.069695][ T6437] i2c i2c-0: Invalid 7-bit I2C address 0x00 [ 135.248665][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 135.891655][ T50] Bluetooth: hci0: command 0x0c1a tx timeout [ 135.968082][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 136.127642][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 136.597142][ T6472] FAULT_INJECTION: forcing a failure. [ 136.597142][ T6472] name failslab, interval 1, probability 0, space 0, times 0 [ 136.627422][ T6472] CPU: 1 UID: 0 PID: 6472 Comm: syz.2.223 Not tainted syzkaller #0 PREEMPT(full) [ 136.627465][ T6472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 136.627484][ T6472] Call Trace: [ 136.627501][ T6472] [ 136.627513][ T6472] dump_stack_lvl+0x100/0x190 [ 136.627554][ T6472] should_fail_ex.cold+0x5/0xa [ 136.627595][ T6472] should_failslab+0xc2/0x120 [ 136.627631][ T6472] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 136.627681][ T6472] ? copy_fs_struct+0x49/0x340 [ 136.627710][ T6472] ? dup_fd+0x831/0xd10 [ 136.627753][ T6472] copy_fs_struct+0x49/0x340 [ 136.627786][ T6472] copy_process+0x6b4f/0x7e00 [ 136.627828][ T6472] ? futex_unqueue+0x133/0x2c0 [ 136.627859][ T6472] ? futex_unqueue+0x133/0x2c0 [ 136.627906][ T6472] ? __pfx_copy_process+0x10/0x10 [ 136.627959][ T6472] ? _copy_from_user+0x59/0xd0 [ 136.628012][ T6472] kernel_clone+0x12e/0x9c0 [ 136.628056][ T6472] ? futex_hash+0x141/0x370 [ 136.628083][ T6472] ? __pfx_kernel_clone+0x10/0x10 [ 136.628135][ T6472] ? __pfx_futex_wait+0x10/0x10 [ 136.628171][ T6472] ? __pfx_kernel_waitid+0x10/0x10 [ 136.628209][ T6472] __do_sys_clone3+0x214/0x290 [ 136.628254][ T6472] ? __pfx___do_sys_clone3+0x10/0x10 [ 136.628314][ T6472] ? rcu_read_unlock+0x17/0x60 [ 136.628353][ T6472] ? rcu_read_unlock+0x17/0x60 [ 136.628434][ T6472] ? rcu_is_watching+0x12/0xc0 [ 136.628480][ T6472] do_syscall_64+0x10b/0xf80 [ 136.628531][ T6472] ? clear_bhb_loop+0x40/0x90 [ 136.628572][ T6472] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.628605][ T6472] RIP: 0033:0x7fbe0af9cdd9 [ 136.628632][ T6472] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 136.628663][ T6472] RSP: 002b:00007fbe0bed7ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 136.628709][ T6472] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007fbe0af9cdd9 [ 136.628729][ T6472] RDX: 00007fbe0bed7f10 RSI: 0000000000000058 RDI: 00007fbe0bed7f10 [ 136.628766][ T6472] RBP: 00007fbe0b032d69 R08: 0000000000000000 R09: 0000000000000058 [ 136.628785][ T6472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 136.628804][ T6472] R13: 00007fbe0b216038 R14: 00007fbe0b215fa0 R15: 00007ffd25856948 [ 136.628845][ T6472] [ 137.333151][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 137.968088][ T50] Bluetooth: hci0: command 0x0c1a tx timeout [ 138.047698][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 138.207597][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 138.782424][ T6511] FAULT_INJECTION: forcing a failure. [ 138.782424][ T6511] name failslab, interval 1, probability 0, space 0, times 0 [ 138.796228][ T6511] CPU: 1 UID: 0 PID: 6511 Comm: syz.3.235 Not tainted syzkaller #0 PREEMPT(full) [ 138.796270][ T6511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 138.796289][ T6511] Call Trace: [ 138.796299][ T6511] [ 138.796311][ T6511] dump_stack_lvl+0x100/0x190 [ 138.796353][ T6511] should_fail_ex.cold+0x5/0xa [ 138.796393][ T6511] should_failslab+0xc2/0x120 [ 138.796434][ T6511] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 138.796483][ T6511] ? copy_utsname+0x1a8/0x690 [ 138.796530][ T6511] copy_utsname+0x1a8/0x690 [ 138.796574][ T6511] create_new_namespaces+0x16a/0xac0 [ 138.796616][ T6511] ? bpf_lsm_capable+0x9/0x10 [ 138.796652][ T6511] ? security_capable+0x80/0x260 [ 138.796708][ T6511] unshare_nsproxy_namespaces+0xf2/0x220 [ 138.796754][ T6511] ksys_unshare+0x438/0xab0 [ 138.796804][ T6511] ? __pfx_ksys_unshare+0x10/0x10 [ 138.796847][ T6511] ? xfd_validate_state+0x129/0x190 [ 138.796888][ T6511] __x64_sys_unshare+0x31/0x40 [ 138.796935][ T6511] do_syscall_64+0x10b/0xf80 [ 138.796974][ T6511] ? clear_bhb_loop+0x40/0x90 [ 138.797015][ T6511] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.797049][ T6511] RIP: 0033:0x7f3953d9cdd9 [ 138.797086][ T6511] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 138.797120][ T6511] RSP: 002b:00007f3954d1f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 138.797152][ T6511] RAX: ffffffffffffffda RBX: 00007f3954015fa0 RCX: 00007f3953d9cdd9 [ 138.797174][ T6511] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000 [ 138.797193][ T6511] RBP: 00007f3953e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 138.797213][ T6511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 138.797233][ T6511] R13: 00007f3954016038 R14: 00007f3954015fa0 R15: 00007ffce6eaeb18 [ 138.797271][ T6511] [ 139.407946][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 140.047369][ T50] Bluetooth: hci0: command 0x0c1a tx timeout [ 140.127645][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 140.287724][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 143.425675][ T6577] syz.2.256 uses obsolete (PF_INET,SOCK_PACKET) [ 145.138733][ T6602] netlink: 334 bytes leftover after parsing attributes in process `syz.2.265'. [ 146.891634][ T6634] random: crng reseeded on system resumption [ 147.318751][ T6639] netlink: 334 bytes leftover after parsing attributes in process `syz.3.275'. [ 148.260579][ T6656] random: crng reseeded on system resumption [ 150.194755][ T6678] netlink: 334 bytes leftover after parsing attributes in process `syz.1.286'. [ 152.235847][ T6713] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 152.898134][ T6723] netlink: 334 bytes leftover after parsing attributes in process `syz.0.296'. [ 153.096236][ T6726] random: crng reseeded on system resumption [ 153.379033][ T29] audit: type=1800 audit(1777926114.304:5): pid=6734 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.300" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 155.744449][ T29] audit: type=1800 audit(1777926116.674:6): pid=6772 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.312" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 155.912749][ T6780] random: crng reseeded on system resumption [ 156.540048][ T6789] netlink: 334 bytes leftover after parsing attributes in process `syz.1.316'. [ 157.154373][ T6804] random: crng reseeded on system resumption [ 160.775812][ T6858] netlink: 'syz.2.336': attribute type 1 has an invalid length. [ 160.797378][ T6858] netlink: 'syz.2.336': attribute type 6 has an invalid length. [ 160.989697][ T6865] netlink: 334 bytes leftover after parsing attributes in process `syz.0.348'. [ 162.505639][ T6891] binder: 6886:6891 ioctl 5411 38 returned -22 [ 162.794432][ T6894] netlink: 'syz.3.350': attribute type 1 has an invalid length. [ 162.823119][ T6894] netlink: 'syz.3.350': attribute type 6 has an invalid length. [ 163.604786][ T6909] i2c i2c-0: Invalid 7-bit I2C address 0x00 [ 164.482788][ T29] audit: type=1804 audit(1777926125.414:7): pid=6930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.360" name="/newroot/91/file0" dev="tmpfs" ino=486 res=1 errno=0 [ 165.704061][ T6948] zswap: compressor not available [ 167.435302][ T29] audit: type=1804 audit(1777926128.364:8): pid=6981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.373" name="/newroot/99/file0" dev="tmpfs" ino=531 res=1 errno=0 [ 168.495327][ T6993] sd 0:0:1:0: device reset [ 169.289091][ T7009] input: jJǸ-¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input6 [ 172.748659][ T7056] input: jJǸ-¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input7 [ 173.195366][ T7039] kexec: Could not allocate control_code_buffer [ 176.951111][ T50] Bluetooth: hci3: unexpected event for opcode 0x7c89 [ 181.541271][ T7160] kexec: Could not allocate control_code_buffer [ 182.000388][ T7187] random: crng reseeded on system resumption [ 183.312382][ T7177] kexec: Could not allocate control_code_buffer [ 184.432717][ T29] audit: type=1800 audit(1777926145.364:9): pid=7214 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.433" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 184.716642][ T50] Bluetooth: hci2: unexpected event for opcode 0x7c89 [ 185.731901][ T7237] random: crng reseeded on system resumption [ 187.002645][ T7230] kexec: Could not allocate control_code_buffer [ 189.979296][ T7292] netlink: 504 bytes leftover after parsing attributes in process `syz.3.452'. [ 191.156115][ T7297] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 191.162782][ T7297] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 191.173453][ T7297] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 191.186441][ T7297] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 192.609786][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 193.167627][ T50] Bluetooth: hci0: command 0x0c1a tx timeout [ 193.247627][ T50] Bluetooth: hci2: command 0x0c1a tx timeout [ 193.254245][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 194.373758][ T1312] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.380250][ T1312] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.752162][ T7361] netlink: 252 bytes leftover after parsing attributes in process `syz.3.474'. [ 194.763468][ T7361] netlink: 252 bytes leftover after parsing attributes in process `syz.3.474'. [ 196.479061][ T7391] netlink: 504 bytes leftover after parsing attributes in process `syz.0.481'. [ 196.693802][ T7395] random: crng reseeded on system resumption [ 198.323273][ T7426] input: jJǸ-¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input8 [ 200.115042][ T7459] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 200.448393][ T7468] netlink: 252 bytes leftover after parsing attributes in process `syz.0.500'. [ 200.465235][ T7468] netlink: 252 bytes leftover after parsing attributes in process `syz.0.500'. [ 202.880265][ T7477] kexec: Could not allocate control_code_buffer [ 203.814402][ T29] audit: type=1800 audit(1777926164.744:10): pid=7513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.515" name="lu_gp_id" dev="configfs" ino=18729 res=0 errno=0 [ 203.952986][ T7512] kstrtoul() returned -22 for lu_gp_id [ 204.473914][ T50] Bluetooth: hci1: unexpected event for opcode 0x7c89 [ 204.551321][ T7525] random: crng reseeded on system resumption [ 206.642315][ T7536] kexec: Could not allocate control_code_buffer syzkaller syzkaller login: [ 209.266751][ T7591] FAULT_INJECTION: forcing a failure. [ 209.266751][ T7591] name failslab, interval 1, probability 0, space 0, times 0 [ 209.282840][ T7591] CPU: 1 UID: 0 PID: 7591 Comm: syz.3.537 Tainted: G L syzkaller #0 PREEMPT(full) [ 209.282895][ T7591] Tainted: [L]=SOFTLOCKUP [ 209.282906][ T7591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 209.282925][ T7591] Call Trace: [ 209.282936][ T7591] [ 209.282948][ T7591] dump_stack_lvl+0x100/0x190 [ 209.282995][ T7591] should_fail_ex.cold+0x5/0xa [ 209.283044][ T7591] should_failslab+0xc2/0x120 [ 209.283085][ T7591] __kmalloc_cache_noprof+0x7a/0x6f0 [ 209.283136][ T7591] ? trace_pid_list_alloc+0x2fe/0x480 [ 209.283191][ T7591] trace_pid_list_alloc+0x2fe/0x480 [ 209.283240][ T7591] trace_pid_write+0x110/0x460 [ 209.283299][ T7591] ? __pfx_trace_pid_write+0x10/0x10 [ 209.283368][ T7591] event_pid_write.isra.0+0x1e4/0x7d0 [ 209.283419][ T7591] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 209.283481][ T7591] vfs_write+0x2aa/0x1070 [ 209.283519][ T7591] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 209.283570][ T7591] ? __pfx_vfs_write+0x10/0x10 [ 209.283605][ T7591] ? __fget_files+0x215/0x3d0 [ 209.283653][ T7591] ? __fget_files+0x21f/0x3d0 [ 209.283715][ T7591] ksys_write+0x12a/0x250 [ 209.283758][ T7591] ? __pfx_ksys_write+0x10/0x10 [ 209.283797][ T7591] ? rcu_is_watching+0x12/0xc0 [ 209.283840][ T7591] do_syscall_64+0x10b/0xf80 [ 209.283878][ T7591] ? clear_bhb_loop+0x40/0x90 [ 209.283917][ T7591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.283947][ T7591] RIP: 0033:0x7f3953d9cdd9 [ 209.283972][ T7591] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 209.284003][ T7591] RSP: 002b:00007f3954d1f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 209.284032][ T7591] RAX: ffffffffffffffda RBX: 00007f3954015fa0 RCX: 00007f3953d9cdd9 [ 209.284053][ T7591] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 209.284071][ T7591] RBP: 00007f3953e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 209.284088][ T7591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 209.284105][ T7591] R13: 00007f3954016038 R14: 00007f3954015fa0 R15: 00007ffce6eaeb18 [ 209.284145][ T7591] [ 209.822838][ T7598] netlink: 186 bytes leftover after parsing attributes in process `syz.0.539'. [ 209.860921][ T7598] netlink: 186 bytes leftover after parsing attributes in process `syz.0.539'. [ 211.037565][ T7614] random: crng reseeded on system resumption [ 211.617991][ T7629] netlink: 4 bytes leftover after parsing attributes in process `syz.2.546'. [ 211.703563][ T7631] netlink: 25 bytes leftover after parsing attributes in process `syz.2.546'. [ 212.555374][ T50] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 212.555412][ T50] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 212.570578][ T50] Bluetooth: hci0: Dropping invalid advertising data [ 212.577715][ T50] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 213.065968][ T50] Bluetooth: hci1: Malformed Event: 0x02 [ 217.248462][ T7713] random: crng reseeded on system resumption [ 217.323539][ T50] Bluetooth: hci3: unexpected event 0x3e length: 508 > 260 [ 217.323618][ T50] Bluetooth: hci3: unexpected subevent 0x02 length: 507 > 260 [ 217.340164][ T50] Bluetooth: hci3: Dropping invalid advertising data [ 217.349637][ T50] Bluetooth: hci3: unknown advertising packet type: 0xe9 [ 218.273730][ T7726] process 'syz.2.568' launched ':,' with NULL argv: empty string added [ 219.236171][ T7744] netlink: 330 bytes leftover after parsing attributes in process `syz.2.574'. [ 219.314213][ T50] Bluetooth: hci0: unexpected event for opcode 0x7c89 [ 219.579292][ T7757] random: crng reseeded on system resumption [ 221.124970][ T7781] FAULT_INJECTION: forcing a failure. [ 221.124970][ T7781] name failslab, interval 1, probability 0, space 0, times 0 [ 221.143029][ T7781] CPU: 0 UID: 0 PID: 7781 Comm: syz.3.582 Tainted: G L syzkaller #0 PREEMPT(full) [ 221.143084][ T7781] Tainted: [L]=SOFTLOCKUP [ 221.143096][ T7781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 221.143116][ T7781] Call Trace: [ 221.143127][ T7781] [ 221.143140][ T7781] dump_stack_lvl+0x100/0x190 [ 221.143185][ T7781] should_fail_ex.cold+0x5/0xa [ 221.143229][ T7781] ? tracepoint_add_func+0x3a8/0x1150 [ 221.143282][ T7781] should_failslab+0xc2/0x120 [ 221.143334][ T7781] __kmalloc_noprof+0xe0/0x850 [ 221.143394][ T7781] ? __pfx_trace_event_raw_event_nfsd_file_open_class+0x10/0x10 [ 221.143457][ T7781] tracepoint_add_func+0x3a8/0x1150 [ 221.143505][ T7781] ? __pfx_trace_event_raw_event_nfsd_file_open_class+0x10/0x10 [ 221.143586][ T7781] ? __pfx_trace_event_raw_event_nfsd_file_open_class+0x10/0x10 [ 221.143682][ T7781] tracepoint_probe_register+0xc4/0x110 [ 221.143735][ T7781] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 221.143787][ T7781] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 221.143836][ T7781] ? __pfx_trace_event_raw_event_nfsd_file_open_class+0x10/0x10 [ 221.143911][ T7781] trace_event_reg+0x209/0x350 [ 221.143959][ T7781] __ftrace_event_enable_disable+0x211/0x6f0 [ 221.144019][ T7781] __ftrace_set_clr_event_nolock+0x390/0xc30 [ 221.144066][ T7781] ftrace_set_clr_event+0x1b7/0x3f0 [ 221.144108][ T7781] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 221.144157][ T7781] ? trace_get_user+0x3ae/0xa70 [ 221.144216][ T7781] ftrace_event_write+0x259/0x2c0 [ 221.144253][ T7781] ? __pfx_ftrace_event_write+0x10/0x10 [ 221.144306][ T7781] vfs_write+0x2aa/0x1070 [ 221.144344][ T7781] ? __pfx_ftrace_event_write+0x10/0x10 [ 221.144383][ T7781] ? __pfx_vfs_write+0x10/0x10 [ 221.144417][ T7781] ? __fget_files+0x215/0x3d0 [ 221.144461][ T7781] ? __fget_files+0x21f/0x3d0 [ 221.144508][ T7781] ksys_write+0x12a/0x250 [ 221.144544][ T7781] ? __pfx_ksys_write+0x10/0x10 [ 221.144583][ T7781] ? rcu_is_watching+0x12/0xc0 [ 221.144627][ T7781] do_syscall_64+0x10b/0xf80 [ 221.144673][ T7781] ? clear_bhb_loop+0x40/0x90 [ 221.144713][ T7781] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.144745][ T7781] RIP: 0033:0x7f3953d9cdd9 [ 221.144770][ T7781] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 221.144800][ T7781] RSP: 002b:00007f3954d1f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 221.144830][ T7781] RAX: ffffffffffffffda RBX: 00007f3954015fa0 RCX: 00007f3953d9cdd9 [ 221.144849][ T7781] RDX: 0000000000000af0 RSI: 0000000000000000 RDI: 0000000000000006 [ 221.144867][ T7781] RBP: 00007f3953e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 221.144884][ T7781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 221.144900][ T7781] R13: 00007f3954016038 R14: 00007f3954015fa0 R15: 00007ffce6eaeb18 [ 221.144939][ T7781] [ 221.145036][ T7781] event trace: Could not enable event nfsd_file_open [ 221.826130][ T50] Bluetooth: hci2: unexpected subevent 0x18 length: 123 > 19 [ 221.834634][ T50] Bluetooth: hci2: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00 [ 221.841665][ T7789] binder: 7788:7789 ioctl c0306201 200000000000 returned -11 [ 223.946214][ T7825] smpboot: CPU 1 is now offline [ 226.104873][ T7857] random: crng reseeded on system resumption [ 229.540486][ T7916] random: crng reseeded on system resumption [ 231.181146][ T7910] kexec: Could not allocate control_code_buffer [ 232.441692][ T7955] random: crng reseeded on system resumption [ 233.408740][ T7963] netlink: 4 bytes leftover after parsing attributes in process `syz.2.627'. [ 236.193840][ T8008] netlink: 28 bytes leftover after parsing attributes in process `syz.2.641'. [ 236.284264][ T8008] veth1_macvtap: left promiscuous mode [ 236.341105][ T8008] macsec0: entered promiscuous mode [ 236.394170][ T8008] macsec0: entered allmulticast mode [ 237.595094][ T8028] program syz.0.647 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 242.435104][ T8080] netlink: 146 bytes leftover after parsing attributes in process `syz.0.661'. [ 246.005173][ T8127] mmap: syz.1.678 (8127) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 247.360154][ T8143] netlink: 186 bytes leftover after parsing attributes in process `syz.1.682'. [ 247.592125][ T8146] netlink: 186 bytes leftover after parsing attributes in process `syz.1.682'. [ 247.670146][ T8151] netlink: 'syz.2.685': attribute type 19 has an invalid length. [ 247.711859][ T8151] netlink: 226 bytes leftover after parsing attributes in process `syz.2.685'. [ 248.523683][ T8160] FAULT_INJECTION: forcing a failure. [ 248.523683][ T8160] name failslab, interval 1, probability 0, space 0, times 0 [ 248.680948][ T8160] CPU: 0 UID: 0 PID: 8160 Comm: syz.0.688 Tainted: G L syzkaller #0 PREEMPT(full) [ 248.680987][ T8160] Tainted: [L]=SOFTLOCKUP [ 248.680995][ T8160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 248.681013][ T8160] Call Trace: [ 248.681021][ T8160] [ 248.681030][ T8160] dump_stack_lvl+0x100/0x190 [ 248.681064][ T8160] should_fail_ex.cold+0x5/0xa [ 248.681096][ T8160] should_failslab+0xc2/0x120 [ 248.681125][ T8160] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 248.681165][ T8160] ? vm_area_dup+0x27/0x8e0 [ 248.681206][ T8160] ? __vma_start_write+0x17f/0x280 [ 248.681247][ T8160] vm_area_dup+0x27/0x8e0 [ 248.681285][ T8160] dup_mmap+0x6f6/0x2180 [ 248.681330][ T8160] ? __pfx_dup_mmap+0x10/0x10 [ 248.681360][ T8160] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 248.681397][ T8160] ? __lock_acquire+0x4a5/0x2630 [ 248.681422][ T8160] ? find_held_lock+0x2b/0x80 [ 248.681454][ T8160] ? __percpu_counter_init_many+0x2bc/0x3b0 [ 248.681502][ T8160] copy_process+0x6c63/0x7e00 [ 248.681554][ T8160] ? __pfx_copy_process+0x10/0x10 [ 248.681589][ T8160] ? find_held_lock+0x2b/0x80 [ 248.681627][ T8160] ? futex_private_hash_put+0x107/0x1c0 [ 248.681675][ T8160] kernel_clone+0x12e/0x9c0 [ 248.681712][ T8160] ? __pfx_kernel_clone+0x10/0x10 [ 248.681764][ T8160] __do_sys_clone+0xd9/0x120 [ 248.681800][ T8160] ? __pfx___do_sys_clone+0x10/0x10 [ 248.681836][ T8160] ? __fget_files+0x21f/0x3d0 [ 248.681881][ T8160] ? rcu_is_watching+0x12/0xc0 [ 248.681915][ T8160] do_syscall_64+0x10b/0xf80 [ 248.681946][ T8160] ? clear_bhb_loop+0x40/0x90 [ 248.681976][ T8160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.682001][ T8160] RIP: 0033:0x7fb785b9cdd9 [ 248.682021][ T8160] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 248.682045][ T8160] RSP: 002b:00007fb786ad1fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 248.682068][ T8160] RAX: ffffffffffffffda RBX: 00007fb785e16090 RCX: 00007fb785b9cdd9 [ 248.682084][ T8160] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000011 [ 248.682099][ T8160] RBP: 00007fb785c32d69 R08: 0000000000000000 R09: 0000000000000000 [ 248.682114][ T8160] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 248.682128][ T8160] R13: 00007fb785e16128 R14: 00007fb785e16090 R15: 00007ffd8e982748 [ 248.682159][ T8160] [ 254.390670][ T8225] netlink: 146 bytes leftover after parsing attributes in process `syz.0.706'. [ 254.531205][ T1312] ieee802154 phy0 wpan0: encryption failed: -22 [ 254.538720][ T1312] ieee802154 phy1 wpan1: encryption failed: -22 [ 254.699164][ T8228] netlink: 'syz.1.707': attribute type 15 has an invalid length. [ 254.773293][ T8228] netlink: 'syz.1.707': attribute type 16 has an invalid length. [ 254.852792][ T8228] netlink: 194 bytes leftover after parsing attributes in process `syz.1.707'. [ 257.385115][ T8264] netlink: 346 bytes leftover after parsing attributes in process `syz.0.716'. [ 258.295047][ T8277] netlink: 342 bytes leftover after parsing attributes in process `syz.1.721'. [ 258.551074][ T8283] device-mapper: ioctl: only supply one of name or uuid, cmd(5) [ 258.900038][ T8292] FAULT_INJECTION: forcing a failure. [ 258.900038][ T8292] name failslab, interval 1, probability 0, space 0, times 0 [ 259.062313][ T8292] CPU: 0 UID: 0 PID: 8292 Comm: syz.1.726 Tainted: G L syzkaller #0 PREEMPT(full) [ 259.062352][ T8292] Tainted: [L]=SOFTLOCKUP [ 259.062361][ T8292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 259.062375][ T8292] Call Trace: [ 259.062383][ T8292] [ 259.062392][ T8292] dump_stack_lvl+0x100/0x190 [ 259.062423][ T8292] should_fail_ex.cold+0x5/0xa [ 259.062460][ T8292] should_failslab+0xc2/0x120 [ 259.062489][ T8292] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 259.062535][ T8292] ? prepare_creds+0x2c/0x950 [ 259.062562][ T8292] ? from_kuid_munged+0xaa/0x130 [ 259.062603][ T8292] prepare_creds+0x2c/0x950 [ 259.062631][ T8292] __sys_setfsuid+0xda/0x380 [ 259.062667][ T8292] do_syscall_64+0x10b/0xf80 [ 259.062699][ T8292] ? clear_bhb_loop+0x40/0x90 [ 259.062729][ T8292] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.062754][ T8292] RIP: 0033:0x7fd59459cdd9 [ 259.062774][ T8292] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 259.062797][ T8292] RSP: 002b:00007fd5953a4028 EFLAGS: 00000246 ORIG_RAX: 000000000000007a [ 259.062820][ T8292] RAX: ffffffffffffffda RBX: 00007fd594815fa0 RCX: 00007fd59459cdd9 [ 259.062836][ T8292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee01 [ 259.062850][ T8292] RBP: 00007fd594632d69 R08: 0000000000000000 R09: 0000000000000000 [ 259.062865][ T8292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 259.062879][ T8292] R13: 00007fd594816038 R14: 00007fd594815fa0 R15: 00007ffd8e9cd888 [ 259.062914][ T8292] [ 261.579476][ T8329] FAULT_INJECTION: forcing a failure. [ 261.579476][ T8329] name failslab, interval 1, probability 0, space 0, times 0 [ 261.746164][ T8329] CPU: 0 UID: 0 PID: 8329 Comm: syz.2.733 Tainted: G L syzkaller #0 PREEMPT(full) [ 261.746203][ T8329] Tainted: [L]=SOFTLOCKUP [ 261.746212][ T8329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 261.746227][ T8329] Call Trace: [ 261.746235][ T8329] [ 261.746244][ T8329] dump_stack_lvl+0x100/0x190 [ 261.746276][ T8329] should_fail_ex.cold+0x5/0xa [ 261.746307][ T8329] should_failslab+0xc2/0x120 [ 261.746337][ T8329] __kmalloc_cache_noprof+0x7a/0x6f0 [ 261.746385][ T8329] ? kvm_init_irq_routing+0x43/0xf0 [ 261.746420][ T8329] kvm_init_irq_routing+0x43/0xf0 [ 261.746448][ T8329] kvm_dev_ioctl+0x7d4/0x1a50 [ 261.746490][ T8329] ? find_held_lock+0x2b/0x80 [ 261.746522][ T8329] ? __fget_files+0x215/0x3d0 [ 261.746549][ T8329] ? hook_file_ioctl_common+0x149/0x410 [ 261.746577][ T8329] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 261.746616][ T8329] ? __fget_files+0x21f/0x3d0 [ 261.746649][ T8329] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 261.746687][ T8329] __x64_sys_ioctl+0x18e/0x210 [ 261.746713][ T8329] do_syscall_64+0x10b/0xf80 [ 261.746744][ T8329] ? clear_bhb_loop+0x40/0x90 [ 261.746775][ T8329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.746800][ T8329] RIP: 0033:0x7fbe0af9cdd9 [ 261.746819][ T8329] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 261.746842][ T8329] RSP: 002b:00007fbe0bed8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 261.746865][ T8329] RAX: ffffffffffffffda RBX: 00007fbe0b215fa0 RCX: 00007fbe0af9cdd9 [ 261.746882][ T8329] RDX: 000000004a010000 RSI: 000000000000ae01 RDI: 0000000000000006 [ 261.746897][ T8329] RBP: 00007fbe0b032d69 R08: 0000000000000000 R09: 0000000000000000 [ 261.746912][ T8329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 261.746926][ T8329] R13: 00007fbe0b216038 R14: 00007fbe0b215fa0 R15: 00007ffd25856948 [ 261.746956][ T8329] [ 262.260917][ T8338] netlink: 4 bytes leftover after parsing attributes in process `syz.0.735'. [ 262.325124][ T8338] netlink: 13 bytes leftover after parsing attributes in process `syz.0.735'. [ 262.963144][ T8353] netlink: 4 bytes leftover after parsing attributes in process `syz.0.738'. [ 263.060191][ T8353] netlink: 25 bytes leftover after parsing attributes in process `syz.0.738'. [ 269.016954][ T8431] netlink: 306 bytes leftover after parsing attributes in process `syz.3.762'. [ 269.851055][ T8442] netlink: 'syz.3.765': attribute type 28 has an invalid length. [ 269.962359][ T8442] netlink: 'syz.3.765': attribute type 3 has an invalid length. [ 270.073035][ T8442] netlink: 306 bytes leftover after parsing attributes in process `syz.3.765'. [ 271.402570][ T8468] warning: `syz.3.772' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 271.867416][ T8473] random: crng reseeded on system resumption [ 273.059110][ T8486] FAULT_INJECTION: forcing a failure. [ 273.059110][ T8486] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 273.128464][ T8486] CPU: 0 UID: 0 PID: 8486 Comm: syz.2.779 Tainted: G L syzkaller #0 PREEMPT(full) [ 273.128503][ T8486] Tainted: [L]=SOFTLOCKUP [ 273.128512][ T8486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 273.128527][ T8486] Call Trace: [ 273.128535][ T8486] [ 273.128544][ T8486] dump_stack_lvl+0x100/0x190 [ 273.128592][ T8486] should_fail_ex.cold+0x5/0xa [ 273.128618][ T8486] ? prepare_alloc_pages+0x16d/0x5f0 [ 273.128670][ T8486] should_fail_alloc_page+0xeb/0x140 [ 273.128701][ T8486] prepare_alloc_pages+0x1f0/0x5f0 [ 273.128744][ T8486] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 273.128797][ T8486] ? do_raw_spin_lock+0x128/0x260 [ 273.128832][ T8486] ? mark_held_locks+0x40/0x70 [ 273.128855][ T8486] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 273.128898][ T8486] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 273.128939][ T8486] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 273.128978][ T8486] ? __pmd_alloc+0xbf/0x950 [ 273.129008][ T8486] ? __handle_mm_fault+0xa9c/0x2a00 [ 273.129051][ T8486] ? handle_mm_fault+0x36d/0xa20 [ 273.129086][ T8486] ? __get_user_pages+0x1178/0x32a0 [ 273.129115][ T8486] ? get_user_pages_remote+0x3d2/0xb10 [ 273.129145][ T8486] ? get_arg_page+0xf4/0x310 [ 273.129167][ T8486] ? copy_string_kernel+0x17d/0x3f0 [ 273.129190][ T8486] ? do_execveat_common.isra.0+0x2e6/0x580 [ 273.129216][ T8486] ? __x64_sys_execveat+0xdf/0x130 [ 273.129242][ T8486] ? do_syscall_64+0x10b/0xf80 [ 273.129273][ T8486] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.129298][ T8486] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 273.129337][ T8486] ? policy_nodemask+0xed/0x4f0 [ 273.129367][ T8486] alloc_pages_mpol+0x1fb/0x540 [ 273.129398][ T8486] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 273.129429][ T8486] ? __lock_acquire+0x4a5/0x2630 [ 273.129455][ T8486] alloc_pages_noprof+0x1a/0x160 [ 273.129489][ T8486] pte_alloc_one+0x1c/0x3d0 [ 273.129524][ T8486] __pte_alloc+0x6d/0x3e0 [ 273.129551][ T8486] ? __pfx___pte_alloc+0x10/0x10 [ 273.129579][ T8486] ? do_raw_spin_lock+0x128/0x260 [ 273.129607][ T8486] ? find_held_lock+0x2b/0x80 [ 273.129642][ T8486] do_anonymous_page+0x13c6/0x2050 [ 273.129683][ T8486] ? __pmd_alloc+0x3fb/0x950 [ 273.129717][ T8486] __handle_mm_fault+0x1d2c/0x2a00 [ 273.129760][ T8486] ? mt_find+0x45e/0x8e0 [ 273.129796][ T8486] ? __pfx___handle_mm_fault+0x10/0x10 [ 273.129832][ T8486] ? __pfx_mt_find+0x10/0x10 [ 273.129888][ T8486] handle_mm_fault+0x36d/0xa20 [ 273.129931][ T8486] __get_user_pages+0x1178/0x32a0 [ 273.129973][ T8486] ? __pfx___get_user_pages+0x10/0x10 [ 273.130016][ T8486] get_user_pages_remote+0x3d2/0xb10 [ 273.130053][ T8486] ? __pfx_get_user_pages_remote+0x10/0x10 [ 273.130086][ T8486] ? __pfx_create_init_stack_vma+0x10/0x10 [ 273.130119][ T8486] get_arg_page+0xf4/0x310 [ 273.130144][ T8486] ? __pfx_get_arg_page+0x10/0x10 [ 273.130170][ T8486] ? alloc_bprm+0x3da/0x710 [ 273.130193][ T8486] ? alloc_bprm+0x3da/0x710 [ 273.130221][ T8486] copy_string_kernel+0x17d/0x3f0 [ 273.130247][ T8486] ? alloc_bprm+0x420/0x710 [ 273.130274][ T8486] do_execveat_common.isra.0+0x2e6/0x580 [ 273.130308][ T8486] __x64_sys_execveat+0xdf/0x130 [ 273.130337][ T8486] do_syscall_64+0x10b/0xf80 [ 273.130368][ T8486] ? clear_bhb_loop+0x40/0x90 [ 273.130398][ T8486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.130423][ T8486] RIP: 0033:0x7fbe0af9cdd9 [ 273.130443][ T8486] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 273.130467][ T8486] RSP: 002b:00007fbe0bed8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 273.130490][ T8486] RAX: ffffffffffffffda RBX: 00007fbe0b215fa0 RCX: 00007fbe0af9cdd9 [ 273.130506][ T8486] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 273.130521][ T8486] RBP: 00007fbe0b032d69 R08: 0000000000001000 R09: 0000000000000000 [ 273.130536][ T8486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 273.130560][ T8486] R13: 00007fbe0b216038 R14: 00007fbe0b215fa0 R15: 00007ffd25856948 [ 273.130590][ T8486] [ 273.131260][ T8488] FAULT_INJECTION: forcing a failure. [ 273.131260][ T8488] name failslab, interval 1, probability 0, space 0, times 0 [ 273.631251][ T8484] sctp: [Deprecated]: syz.0.776 (pid 8484) Use of struct sctp_assoc_value in delayed_ack socket option. [ 273.631251][ T8484] Use struct sctp_sack_info instead [ 275.084891][ T8500] syz.0.783 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 276.557083][ T8488] CPU: 0 UID: 0 PID: 8488 Comm: syz.3.778 Tainted: G L syzkaller #0 PREEMPT(full) [ 276.557120][ T8488] Tainted: [L]=SOFTLOCKUP [ 276.557128][ T8488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 276.557141][ T8488] Call Trace: [ 276.557149][ T8488] [ 276.557157][ T8488] dump_stack_lvl+0x100/0x190 [ 276.557189][ T8488] should_fail_ex.cold+0x5/0xa [ 276.557219][ T8488] should_failslab+0xc2/0x120 [ 276.557246][ T8488] __kmalloc_cache_noprof+0x7a/0x6f0 [ 276.557279][ T8488] ? snd_hrtimer_open+0x43/0xf0 [ 276.557320][ T8488] ? __pfx_snd_hrtimer_open+0x10/0x10 [ 276.557356][ T8488] snd_hrtimer_open+0x43/0xf0 [ 276.557393][ T8488] snd_timer_open+0xb65/0x1100 [ 276.557431][ T8488] ? __pfx_snd_timer_open+0x10/0x10 [ 276.557468][ T8488] ? kstrdup+0xb3/0xe0 [ 276.557495][ T8488] snd_seq_timer_open+0x289/0x5d0 [ 276.557522][ T8488] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 276.557555][ T8488] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 276.557583][ T8488] ? lockdep_hardirqs_on+0x78/0x100 [ 276.557612][ T8488] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 276.557642][ T8488] queue_use+0xdc/0x1f0 [ 276.557684][ T8488] snd_seq_queue_alloc+0x2e5/0x540 [ 276.557743][ T8488] snd_seq_ioctl_create_queue+0xa9/0x370 [ 276.557774][ T8488] call_seq_client_ctl+0xa3/0x130 [ 276.557809][ T8488] snd_seq_kernel_client_ctl+0x77/0xd0 [ 276.557841][ T8488] alloc_seq_queue+0xdb/0x180 [ 276.557872][ T8488] ? __pfx_alloc_seq_queue+0x10/0x10 [ 276.557921][ T8488] ? mark_held_locks+0x40/0x70 [ 276.557947][ T8488] snd_seq_oss_open+0x2b2/0xa10 [ 276.557990][ T8488] odev_open+0x6f/0x90 [ 276.558017][ T8488] ? __pfx_odev_open+0x10/0x10 [ 276.558045][ T8488] soundcore_open+0x2e3/0x5a0 [ 276.558078][ T8488] ? __pfx_soundcore_open+0x10/0x10 [ 276.558109][ T8488] chrdev_open+0x234/0x6a0 [ 276.558138][ T8488] ? __pfx_apparmor_file_open+0x10/0x10 [ 276.558177][ T8488] ? __pfx_chrdev_open+0x10/0x10 [ 276.558208][ T8488] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 276.558246][ T8488] do_dentry_open+0x6d8/0x1660 [ 276.558275][ T8488] ? __pfx_chrdev_open+0x10/0x10 [ 276.558311][ T8488] vfs_open+0x82/0x3f0 [ 276.558350][ T8488] path_openat+0x208c/0x31a0 [ 276.558390][ T8488] ? __pfx_path_openat+0x10/0x10 [ 276.558431][ T8488] do_file_open+0x20e/0x430 [ 276.558463][ T8488] ? __pfx_do_file_open+0x10/0x10 [ 276.558513][ T8488] ? alloc_fd+0x476/0x790 [ 276.558544][ T8488] ? do_getname+0x191/0x390 [ 276.558582][ T8488] do_sys_openat2+0x10d/0x1e0 [ 276.558619][ T8488] ? __pfx_do_sys_openat2+0x10/0x10 [ 276.558666][ T8488] __x64_sys_openat+0x12d/0x210 [ 276.558704][ T8488] ? __pfx___x64_sys_openat+0x10/0x10 [ 276.558747][ T8488] ? rcu_is_watching+0x12/0xc0 [ 276.558780][ T8488] do_syscall_64+0x10b/0xf80 [ 276.558809][ T8488] ? clear_bhb_loop+0x40/0x90 [ 276.558838][ T8488] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.558862][ T8488] RIP: 0033:0x7f3953d9cdd9 [ 276.558881][ T8488] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 276.558903][ T8488] RSP: 002b:00007f3954d1f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 276.558925][ T8488] RAX: ffffffffffffffda RBX: 00007f3954015fa0 RCX: 00007f3953d9cdd9 [ 276.558940][ T8488] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 276.558955][ T8488] RBP: 00007f3953e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 276.558974][ T8488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 276.558988][ T8488] R13: 00007f3954016038 R14: 00007f3954015fa0 R15: 00007ffce6eaeb18 [ 276.559018][ T8488] [ 280.732807][ T8566] netlink: 62 bytes leftover after parsing attributes in process `syz.3.801'. [ 281.537049][ T8578] netlink: 330 bytes leftover after parsing attributes in process `syz.3.804'. [ 281.579899][ T8577] WARNING! power/level is deprecated; use power/control instead [ 282.269634][ T8591] netlink: 4 bytes leftover after parsing attributes in process `syz.2.809'. [ 282.584774][ T8596] netlink: 'syz.1.811': attribute type 11 has an invalid length. [ 283.859357][ T8615] FAULT_INJECTION: forcing a failure. [ 283.859357][ T8615] name failslab, interval 1, probability 0, space 0, times 0 [ 283.943202][ T8615] CPU: 0 UID: 0 PID: 8615 Comm: syz.2.818 Tainted: G L syzkaller #0 PREEMPT(full) [ 283.943242][ T8615] Tainted: [L]=SOFTLOCKUP [ 283.943250][ T8615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 283.943265][ T8615] Call Trace: [ 283.943274][ T8615] [ 283.943283][ T8615] dump_stack_lvl+0x100/0x190 [ 283.943318][ T8615] should_fail_ex.cold+0x5/0xa [ 283.943351][ T8615] should_failslab+0xc2/0x120 [ 283.943380][ T8615] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 283.943422][ T8615] ? sock_alloc_inode+0x26/0x290 [ 283.943456][ T8615] ? __pfx_sock_alloc_inode+0x10/0x10 [ 283.943489][ T8615] sock_alloc_inode+0x26/0x290 [ 283.943520][ T8615] ? __pfx_sock_alloc_inode+0x10/0x10 [ 283.943550][ T8615] alloc_inode+0x68/0x250 [ 283.943589][ T8615] sock_alloc+0x44/0x280 [ 283.943615][ T8615] ? security_socket_create+0x7f/0x250 [ 283.943655][ T8615] sock_create_lite+0x82/0x120 [ 283.943687][ T8615] __netlink_kernel_create+0xbd/0x750 [ 283.943724][ T8615] ? __pfx___netlink_kernel_create+0x10/0x10 [ 283.943778][ T8615] uevent_net_init+0xf8/0x330 [ 283.943800][ T8615] ? __pfx_uevent_net_init+0x10/0x10 [ 283.943824][ T8615] ? __pfx_uevent_net_rcv+0x10/0x10 [ 283.943847][ T8615] ? __kmalloc_noprof+0x320/0x850 [ 283.943890][ T8615] ? __pfx_uevent_net_init+0x10/0x10 [ 283.943911][ T8615] ops_init+0x1e2/0x5f0 [ 283.943941][ T8615] setup_net+0x118/0x3a0 [ 283.943968][ T8615] ? __pfx_setup_net+0x10/0x10 [ 283.943995][ T8615] ? mutex_init_lockdep+0xf1/0x120 [ 283.944025][ T8615] copy_net_ns+0x46f/0x7c0 [ 283.944066][ T8615] create_new_namespaces+0x3ea/0xac0 [ 283.944112][ T8615] unshare_nsproxy_namespaces+0xf2/0x220 [ 283.944147][ T8615] ksys_unshare+0x438/0xab0 [ 283.944205][ T8615] ? __pfx_ksys_unshare+0x10/0x10 [ 283.944245][ T8615] ? xfd_validate_state+0x129/0x190 [ 283.944280][ T8615] __x64_sys_unshare+0x31/0x40 [ 283.944320][ T8615] do_syscall_64+0x10b/0xf80 [ 283.944353][ T8615] ? clear_bhb_loop+0x40/0x90 [ 283.944383][ T8615] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.944408][ T8615] RIP: 0033:0x7fbe0af9cdd9 [ 283.944428][ T8615] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 283.944451][ T8615] RSP: 002b:00007fbe0bed8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 283.944474][ T8615] RAX: ffffffffffffffda RBX: 00007fbe0b215fa0 RCX: 00007fbe0af9cdd9 [ 283.944490][ T8615] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 283.944505][ T8615] RBP: 00007fbe0b032d69 R08: 0000000000000000 R09: 0000000000000000 [ 283.944520][ T8615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 283.944535][ T8615] R13: 00007fbe0b216038 R14: 00007fbe0b215fa0 R15: 00007ffd25856948 [ 283.944566][ T8615] [ 284.257909][ T8615] kobject_uevent: unable to create netlink socket! [ 285.006162][ T8620] vcan0: tx drop: invalid da for name 0x000000000000003f [ 285.616337][ T8634] FAULT_INJECTION: forcing a failure. [ 285.616337][ T8634] name failslab, interval 1, probability 0, space 0, times 0 [ 285.695044][ T8634] CPU: 0 UID: 0 PID: 8634 Comm: syz.2.825 Tainted: G L syzkaller #0 PREEMPT(full) [ 285.695084][ T8634] Tainted: [L]=SOFTLOCKUP [ 285.695092][ T8634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 285.695108][ T8634] Call Trace: [ 285.695116][ T8634] [ 285.695125][ T8634] dump_stack_lvl+0x100/0x190 [ 285.695157][ T8634] should_fail_ex.cold+0x5/0xa [ 285.695190][ T8634] should_failslab+0xc2/0x120 [ 285.695219][ T8634] __kmalloc_cache_noprof+0x7a/0x6f0 [ 285.695256][ T8634] ? apply_subsystem_event_filter+0x54f/0x17b0 [ 285.695294][ T8634] ? append_filter_err+0x43a/0x620 [ 285.695331][ T8634] apply_subsystem_event_filter+0x54f/0x17b0 [ 285.695377][ T8634] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 285.695420][ T8634] ? _copy_from_user+0x59/0xd0 [ 285.695464][ T8634] subsystem_filter_write+0x95/0x120 [ 285.695502][ T8634] vfs_write+0x2aa/0x1070 [ 285.695531][ T8634] ? __pfx_subsystem_filter_write+0x10/0x10 [ 285.695570][ T8634] ? __pfx_vfs_write+0x10/0x10 [ 285.695597][ T8634] ? __fget_files+0x215/0x3d0 [ 285.695632][ T8634] ? __fget_files+0x21f/0x3d0 [ 285.695669][ T8634] ksys_write+0x12a/0x250 [ 285.695696][ T8634] ? __pfx_ksys_write+0x10/0x10 [ 285.695727][ T8634] ? rcu_is_watching+0x12/0xc0 [ 285.695761][ T8634] do_syscall_64+0x10b/0xf80 [ 285.695798][ T8634] ? clear_bhb_loop+0x40/0x90 [ 285.695828][ T8634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.695854][ T8634] RIP: 0033:0x7fbe0af9cdd9 [ 285.695874][ T8634] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 285.695903][ T8634] RSP: 002b:00007fbe0bed8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 285.695926][ T8634] RAX: ffffffffffffffda RBX: 00007fbe0b215fa0 RCX: 00007fbe0af9cdd9 [ 285.695942][ T8634] RDX: 0000000000000078 RSI: 0000200000000040 RDI: 0000000000000004 [ 285.695957][ T8634] RBP: 00007fbe0b032d69 R08: 0000000000000000 R09: 0000000000000000 [ 285.695972][ T8634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 285.695986][ T8634] R13: 00007fbe0b216038 R14: 00007fbe0b215fa0 R15: 00007ffd25856948 [ 285.696030][ T8634] [ 286.731914][ T8632] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 286.991380][ T8645] Process accounting resumed [ 287.300248][ T8650] FAULT_INJECTION: forcing a failure. [ 287.300248][ T8650] name failslab, interval 1, probability 0, space 0, times 0 [ 287.391586][ T8650] CPU: 0 UID: 0 PID: 8650 Comm: syz.1.831 Tainted: G L syzkaller #0 PREEMPT(full) [ 287.391624][ T8650] Tainted: [L]=SOFTLOCKUP [ 287.391633][ T8650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 287.391647][ T8650] Call Trace: [ 287.391658][ T8650] [ 287.391666][ T8650] dump_stack_lvl+0x100/0x190 [ 287.391704][ T8650] should_fail_ex.cold+0x5/0xa [ 287.391735][ T8650] should_failslab+0xc2/0x120 [ 287.391763][ T8650] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 287.391802][ T8650] ? anon_vma_clone+0x2ba/0xcd0 [ 287.391840][ T8650] anon_vma_clone+0x2ba/0xcd0 [ 287.391881][ T8650] anon_vma_fork+0x1bb/0x6b0 [ 287.391921][ T8650] dup_mmap+0x141f/0x2180 [ 287.391964][ T8650] ? __pfx_dup_mmap+0x10/0x10 [ 287.391994][ T8650] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 287.392029][ T8650] ? __lock_acquire+0x4a5/0x2630 [ 287.392053][ T8650] ? find_held_lock+0x2b/0x80 [ 287.392088][ T8650] ? __percpu_counter_init_many+0x2bc/0x3b0 [ 287.392154][ T8650] copy_process+0x6c63/0x7e00 [ 287.392206][ T8650] ? __pfx_copy_process+0x10/0x10 [ 287.392242][ T8650] ? find_held_lock+0x2b/0x80 [ 287.392279][ T8650] ? futex_private_hash_put+0x107/0x1c0 [ 287.392327][ T8650] kernel_clone+0x12e/0x9c0 [ 287.392365][ T8650] ? __pfx_kernel_clone+0x10/0x10 [ 287.392416][ T8650] __do_sys_clone+0xd9/0x120 [ 287.392452][ T8650] ? __pfx___do_sys_clone+0x10/0x10 [ 287.392507][ T8650] ? rcu_is_watching+0x12/0xc0 [ 287.392540][ T8650] do_syscall_64+0x10b/0xf80 [ 287.392572][ T8650] ? clear_bhb_loop+0x40/0x90 [ 287.392602][ T8650] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.392627][ T8650] RIP: 0033:0x7fd59459cdd9 [ 287.392647][ T8650] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 287.392671][ T8650] RSP: 002b:00007fd5953a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 287.392718][ T8650] RAX: ffffffffffffffda RBX: 00007fd594815fa0 RCX: 00007fd59459cdd9 [ 287.392734][ T8650] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 287.392749][ T8650] RBP: 00007fd594632d69 R08: 0000000000000003 R09: 0000000000000000 [ 287.392764][ T8650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 287.392778][ T8650] R13: 00007fd594816038 R14: 00007fd594815fa0 R15: 00007ffd8e9cd888 [ 287.392809][ T8650] [ 290.948177][ T8709] FAULT_INJECTION: forcing a failure. [ 290.948177][ T8709] name failslab, interval 1, probability 0, space 0, times 0 [ 291.021059][ T8709] CPU: 0 UID: 0 PID: 8709 Comm: syz.0.848 Tainted: G L syzkaller #0 PREEMPT(full) [ 291.021099][ T8709] Tainted: [L]=SOFTLOCKUP [ 291.021108][ T8709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 291.021122][ T8709] Call Trace: [ 291.021130][ T8709] [ 291.021139][ T8709] dump_stack_lvl+0x100/0x190 [ 291.021173][ T8709] should_fail_ex.cold+0x5/0xa [ 291.021205][ T8709] should_failslab+0xc2/0x120 [ 291.021234][ T8709] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 291.021276][ T8709] ? sock_alloc_inode+0x26/0x290 [ 291.021310][ T8709] ? __pfx_sock_alloc_inode+0x10/0x10 [ 291.021343][ T8709] sock_alloc_inode+0x26/0x290 [ 291.021374][ T8709] ? __pfx_sock_alloc_inode+0x10/0x10 [ 291.021411][ T8709] alloc_inode+0x68/0x250 [ 291.021451][ T8709] sock_alloc+0x44/0x280 [ 291.021477][ T8709] ? security_socket_create+0x7f/0x250 [ 291.021517][ T8709] sock_create_lite+0x82/0x120 [ 291.021549][ T8709] __netlink_kernel_create+0xbd/0x750 [ 291.021585][ T8709] ? __pfx___netlink_kernel_create+0x10/0x10 [ 291.021627][ T8709] uevent_net_init+0xf8/0x330 [ 291.021651][ T8709] ? __pfx_uevent_net_init+0x10/0x10 [ 291.021675][ T8709] ? __pfx_uevent_net_rcv+0x10/0x10 [ 291.021699][ T8709] ? __kmalloc_noprof+0x320/0x850 [ 291.021744][ T8709] ? __pfx_uevent_net_init+0x10/0x10 [ 291.021766][ T8709] ops_init+0x1e2/0x5f0 [ 291.021796][ T8709] setup_net+0x118/0x3a0 [ 291.021824][ T8709] ? __pfx_setup_net+0x10/0x10 [ 291.021852][ T8709] ? mutex_init_lockdep+0xf1/0x120 [ 291.021883][ T8709] copy_net_ns+0x46f/0x7c0 [ 291.021916][ T8709] create_new_namespaces+0x3ea/0xac0 [ 291.021955][ T8709] unshare_nsproxy_namespaces+0xf2/0x220 [ 291.021991][ T8709] ksys_unshare+0x438/0xab0 [ 291.022030][ T8709] ? __pfx_ksys_unshare+0x10/0x10 [ 291.022067][ T8709] ? xfd_validate_state+0x129/0x190 [ 291.022102][ T8709] __x64_sys_unshare+0x31/0x40 [ 291.022140][ T8709] do_syscall_64+0x10b/0xf80 [ 291.022171][ T8709] ? clear_bhb_loop+0x40/0x90 [ 291.022201][ T8709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.022226][ T8709] RIP: 0033:0x7fb785b9cdd9 [ 291.022246][ T8709] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 291.022275][ T8709] RSP: 002b:00007fb786af3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 291.022298][ T8709] RAX: ffffffffffffffda RBX: 00007fb785e15fa0 RCX: 00007fb785b9cdd9 [ 291.022321][ T8709] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 291.022336][ T8709] RBP: 00007fb785c32d69 R08: 0000000000000000 R09: 0000000000000000 [ 291.022351][ T8709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 291.022366][ T8709] R13: 00007fb785e16038 R14: 00007fb785e15fa0 R15: 00007ffd8e982748 [ 291.022401][ T8709] [ 291.383330][ T8709] kobject_uevent: unable to create netlink socket! [ 291.734245][ T8724] netlink: 'syz.2.853': attribute type 1 has an invalid length. [ 291.742293][ T8724] netlink: 13 bytes leftover after parsing attributes in process `syz.2.853'. [ 291.767308][ T8724] netlink: 'syz.2.853': attribute type 1 has an invalid length. [ 295.608891][ T8760] FAULT_INJECTION: forcing a failure. [ 295.608891][ T8760] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 295.628491][ T8761] FAULT_INJECTION: forcing a failure. [ 295.628491][ T8761] name failslab, interval 1, probability 0, space 0, times 0 [ 295.685007][ T8760] CPU: 0 UID: 0 PID: 8760 Comm: syz.0.862 Tainted: G L syzkaller #0 PREEMPT(full) [ 295.685047][ T8760] Tainted: [L]=SOFTLOCKUP [ 295.685055][ T8760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 295.685070][ T8760] Call Trace: [ 295.685078][ T8760] [ 295.685087][ T8760] dump_stack_lvl+0x100/0x190 [ 295.685119][ T8760] should_fail_ex.cold+0x5/0xa [ 295.685146][ T8760] ? prepare_alloc_pages+0x16d/0x5f0 [ 295.685180][ T8760] should_fail_alloc_page+0xeb/0x140 [ 295.685211][ T8760] prepare_alloc_pages+0x1f0/0x5f0 [ 295.685242][ T8760] ? rcu_is_watching+0x12/0xc0 [ 295.685276][ T8760] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 295.685318][ T8760] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 295.685363][ T8760] ? __lock_acquire+0x4a5/0x2630 [ 295.685398][ T8760] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 295.685439][ T8760] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 295.685490][ T8760] ? is_bpf_text_address+0x8a/0x1a0 [ 295.685537][ T8760] ? bpf_ksym_find+0x124/0x1c0 [ 295.685566][ T8760] ? __lock_acquire+0x4a5/0x2630 [ 295.685592][ T8760] ? __lock_acquire+0x4a5/0x2630 [ 295.685612][ T8760] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 295.685650][ T8760] ? policy_nodemask+0xed/0x4f0 [ 295.685679][ T8760] alloc_pages_mpol+0x1fb/0x540 [ 295.685708][ T8760] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 295.685736][ T8760] ? find_held_lock+0x2b/0x80 [ 295.685767][ T8760] ? __pud_alloc+0x4f6/0x690 [ 295.685797][ T8760] ? __pud_alloc+0x4f6/0x690 [ 295.685829][ T8760] alloc_pages_noprof+0x1a/0x160 [ 295.685862][ T8760] __pmd_alloc+0x3b/0x950 [ 295.685891][ T8760] ? __pud_alloc+0x4fb/0x690 [ 295.685923][ T8760] copy_page_range+0x418b/0x5b00 [ 295.685970][ T8760] ? rcu_is_watching+0x12/0xc0 [ 295.686002][ T8760] ? __lock_acquire+0x4a5/0x2630 [ 295.686026][ T8760] ? find_held_lock+0x2b/0x80 [ 295.686073][ T8760] ? mas_wr_store_entry+0xa1/0x1e80 [ 295.686111][ T8760] ? __pfx_copy_page_range+0x10/0x10 [ 295.686152][ T8760] ? mas_store+0x666/0xac0 [ 295.686195][ T8760] ? __pfx_mas_store+0x10/0x10 [ 295.686255][ T8760] ? __pfx___vma_start_write+0x10/0x10 [ 295.686300][ T8760] dup_mmap+0xd25/0x2180 [ 295.686350][ T8760] ? __pfx_dup_mmap+0x10/0x10 [ 295.686381][ T8760] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 295.686417][ T8760] ? __lock_acquire+0x4a5/0x2630 [ 295.686441][ T8760] ? find_held_lock+0x2b/0x80 [ 295.686472][ T8760] ? __percpu_counter_init_many+0x2bc/0x3b0 [ 295.686521][ T8760] copy_process+0x6c63/0x7e00 [ 295.686572][ T8760] ? __pfx_copy_process+0x10/0x10 [ 295.686612][ T8760] ? futex_hash+0x141/0x370 [ 295.686642][ T8760] kernel_clone+0x12e/0x9c0 [ 295.686675][ T8760] ? __pfx_futex_wait+0x10/0x10 [ 295.686710][ T8760] ? __pfx_kernel_clone+0x10/0x10 [ 295.686762][ T8760] __do_sys_clone+0xd9/0x120 [ 295.686798][ T8760] ? __pfx___do_sys_clone+0x10/0x10 [ 295.686852][ T8760] ? rcu_is_watching+0x12/0xc0 [ 295.686885][ T8760] do_syscall_64+0x10b/0xf80 [ 295.686916][ T8760] ? clear_bhb_loop+0x40/0x90 [ 295.686947][ T8760] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.686979][ T8760] RIP: 0033:0x7fb785b9cdd9 [ 295.686999][ T8760] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 295.687022][ T8760] RSP: 002b:00007fb786af3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 295.687046][ T8760] RAX: ffffffffffffffda RBX: 00007fb785e15fa0 RCX: 00007fb785b9cdd9 [ 295.687062][ T8760] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 295.687077][ T8760] RBP: 00007fb785c32d69 R08: 0000000000000003 R09: 0000000000000000 [ 295.687092][ T8760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 295.687106][ T8760] R13: 00007fb785e16038 R14: 00007fb785e15fa0 R15: 00007ffd8e982748 [ 295.687137][ T8760] [ 296.442994][ T8761] CPU: 0 UID: 0 PID: 8761 Comm: syz.2.863 Tainted: G L syzkaller #0 PREEMPT(full) [ 296.443035][ T8761] Tainted: [L]=SOFTLOCKUP [ 296.443043][ T8761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 296.443058][ T8761] Call Trace: [ 296.443066][ T8761] [ 296.443075][ T8761] dump_stack_lvl+0x100/0x190 [ 296.443106][ T8761] should_fail_ex.cold+0x5/0xa [ 296.443137][ T8761] should_failslab+0xc2/0x120 [ 296.443166][ T8761] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 296.443207][ T8761] ? acpi_ut_allocate_object_desc_dbg+0x86/0x240 [ 296.443251][ T8761] ? acpi_ut_trace+0x1d7/0x2a0 [ 296.443286][ T8761] acpi_ut_allocate_object_desc_dbg+0x86/0x240 [ 296.443331][ T8761] acpi_ut_create_internal_object_dbg+0x51/0x260 [ 296.443360][ T8761] acpi_ut_create_integer_object+0x46/0xe0 [ 296.443385][ T8761] acpi_ex_read_data_from_field+0x146/0xd40 [ 296.443417][ T8761] ? acpi_ut_ptr_exit+0x10c/0x180 [ 296.443446][ T8761] ? acpi_ut_value_exit+0x10d/0x190 [ 296.443480][ T8761] acpi_ex_resolve_node_to_value+0x6b8/0x9a0 [ 296.443520][ T8761] ? __pfx_acpi_ex_resolve_node_to_value+0x10/0x10 [ 296.443562][ T8761] ? acpi_ds_create_operand+0x267/0xc20 [ 296.443592][ T8761] acpi_ex_resolve_to_value+0x3da/0xcd0 [ 296.443629][ T8761] ? __pfx_acpi_ex_resolve_to_value+0x10/0x10 [ 296.443665][ T8761] ? __pfx_acpi_ns_lookup+0x10/0x10 [ 296.443697][ T8761] ? acpi_ut_track_stack_ptr+0x114/0x180 [ 296.443745][ T8761] acpi_ds_evaluate_name_path+0x30d/0x4a0 [ 296.443773][ T8761] ? __pfx_acpi_ds_evaluate_name_path+0x10/0x10 [ 296.443802][ T8761] ? acpi_ps_get_next_namepath+0x1f6/0xa10 [ 296.443828][ T8761] ? acpi_ut_trace_ptr+0x1d1/0x2a0 [ 296.443861][ T8761] acpi_ds_exec_end_op+0xb78/0x1e60 [ 296.443891][ T8761] ? __pfx_acpi_ds_exec_end_op+0x10/0x10 [ 296.443923][ T8761] acpi_ps_parse_loop+0x5dd/0x24a0 [ 296.443959][ T8761] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 296.443986][ T8761] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 296.444025][ T8761] ? acpi_ut_create_thread_state+0x6d/0x170 [ 296.444061][ T8761] acpi_ps_parse_aml+0x81e/0x1120 [ 296.444095][ T8761] acpi_ps_execute_method+0x5c4/0xe90 [ 296.444133][ T8761] acpi_ns_evaluate+0x640/0x1670 [ 296.444172][ T8761] acpi_evaluate_object+0x420/0xe00 [ 296.444196][ T8761] ? kasan_save_stack+0x30/0x50 [ 296.444217][ T8761] ? kasan_save_track+0x14/0x30 [ 296.444239][ T8761] ? __kasan_kmalloc+0xaa/0xb0 [ 296.444259][ T8761] ? __kvmalloc_node_noprof+0x360/0xa00 [ 296.444286][ T8761] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 296.444310][ T8761] ? lock_acquire+0x1b1/0x370 [ 296.444339][ T8761] acpi_evaluate_integer+0xdf/0x220 [ 296.444376][ T8761] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 296.444424][ T8761] ? __pfx_status_show+0x10/0x10 [ 296.444447][ T8761] status_show+0xa0/0x120 [ 296.444470][ T8761] ? __pfx_status_show+0x10/0x10 [ 296.444500][ T8761] dev_attr_show+0x52/0xa0 [ 296.444532][ T8761] ? __pfx_dev_attr_show+0x10/0x10 [ 296.444561][ T8761] sysfs_kf_seq_show+0x217/0x3a0 [ 296.444614][ T8761] seq_read_iter+0x32f/0x1270 [ 296.444639][ T8761] ? lock_acquire+0x1b1/0x370 [ 296.444691][ T8761] kernfs_fop_read_iter+0x46c/0x610 [ 296.444735][ T8761] ? rw_verify_area+0xce/0x6d0 [ 296.444758][ T8761] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 296.444798][ T8761] vfs_read+0x825/0xb30 [ 296.444829][ T8761] ? __pfx_vfs_read+0x10/0x10 [ 296.444875][ T8761] ksys_read+0x12a/0x250 [ 296.444902][ T8761] ? __pfx_ksys_read+0x10/0x10 [ 296.444938][ T8761] ? rcu_is_watching+0x12/0xc0 [ 296.444973][ T8761] do_syscall_64+0x10b/0xf80 [ 296.445006][ T8761] ? clear_bhb_loop+0x40/0x90 [ 296.445037][ T8761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 296.445062][ T8761] RIP: 0033:0x7fbe0af9cdd9 [ 296.445082][ T8761] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 296.445106][ T8761] RSP: 002b:00007fbe0bed8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 296.445129][ T8761] RAX: ffffffffffffffda RBX: 00007fbe0b215fa0 RCX: 00007fbe0af9cdd9 [ 296.445146][ T8761] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 296.445161][ T8761] RBP: 00007fbe0b032d69 R08: 0000000000000000 R09: 0000000000000000 [ 296.445175][ T8761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 296.445190][ T8761] R13: 00007fbe0b216038 R14: 00007fbe0b215fa0 R15: 00007ffd25856948 [ 296.445221][ T8761] [ 296.445244][ T8761] ACPI Error: Could not allocate an object descriptor (20251212/utobject-180) [ 297.732799][ T8766] zswap: compressor not available [ 297.764442][ T8761] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20251212/psparse-529) [ 298.204265][ T8783] FAULT_INJECTION: forcing a failure. [ 298.204265][ T8783] name failslab, interval 1, probability 0, space 0, times 0 [ 298.435873][ T8783] CPU: 0 UID: 0 PID: 8783 Comm: syz.3.866 Tainted: G L syzkaller #0 PREEMPT(full) [ 298.435911][ T8783] Tainted: [L]=SOFTLOCKUP [ 298.435919][ T8783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 298.435933][ T8783] Call Trace: [ 298.435941][ T8783] [ 298.435950][ T8783] dump_stack_lvl+0x100/0x190 [ 298.435980][ T8783] should_fail_ex.cold+0x5/0xa [ 298.436010][ T8783] ? sk_prot_alloc+0x10b/0x2a0 [ 298.436040][ T8783] should_failslab+0xc2/0x120 [ 298.436067][ T8783] __kmalloc_noprof+0xe0/0x850 [ 298.436106][ T8783] ? security_inode_alloc+0xcf/0x2c0 [ 298.436149][ T8783] sk_prot_alloc+0x10b/0x2a0 [ 298.436182][ T8783] sk_alloc+0x36/0xe80 [ 298.436206][ T8783] __netlink_create+0x5e/0x2c0 [ 298.436234][ T8783] __netlink_kernel_create+0xed/0x750 [ 298.436268][ T8783] ? __pfx___netlink_kernel_create+0x10/0x10 [ 298.436300][ T8783] ? find_held_lock+0x2b/0x80 [ 298.436331][ T8783] ? audit_net_init+0x190/0x440 [ 298.436357][ T8783] ? audit_net_init+0x190/0x440 [ 298.436388][ T8783] audit_net_init+0x1ae/0x440 [ 298.436415][ T8783] ? __pfx_audit_net_init+0x10/0x10 [ 298.436440][ T8783] ? rcu_is_watching+0x12/0xc0 [ 298.436470][ T8783] ? __pfx_audit_receive+0x10/0x10 [ 298.436501][ T8783] ? __pfx_audit_multicast_bind+0x10/0x10 [ 298.436533][ T8783] ? __pfx_audit_multicast_unbind+0x10/0x10 [ 298.436567][ T8783] ? __kmalloc_noprof+0x320/0x850 [ 298.436614][ T8783] ? __pfx_audit_net_init+0x10/0x10 [ 298.436641][ T8783] ops_init+0x1e2/0x5f0 [ 298.436670][ T8783] setup_net+0x118/0x3a0 [ 298.436697][ T8783] ? __pfx_setup_net+0x10/0x10 [ 298.436723][ T8783] ? mutex_init_lockdep+0xf1/0x120 [ 298.436753][ T8783] copy_net_ns+0x46f/0x7c0 [ 298.436785][ T8783] create_new_namespaces+0x3ea/0xac0 [ 298.436829][ T8783] unshare_nsproxy_namespaces+0xf2/0x220 [ 298.436864][ T8783] ksys_unshare+0x438/0xab0 [ 298.436903][ T8783] ? __pfx_ksys_unshare+0x10/0x10 [ 298.436938][ T8783] ? xfd_validate_state+0x129/0x190 [ 298.436973][ T8783] __x64_sys_unshare+0x31/0x40 [ 298.437009][ T8783] do_syscall_64+0x10b/0xf80 [ 298.437040][ T8783] ? clear_bhb_loop+0x40/0x90 [ 298.437070][ T8783] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.437095][ T8783] RIP: 0033:0x7f3953d9cdd9 [ 298.437113][ T8783] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 298.437136][ T8783] RSP: 002b:00007f3954d1f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 298.437158][ T8783] RAX: ffffffffffffffda RBX: 00007f3954015fa0 RCX: 00007f3953d9cdd9 [ 298.437174][ T8783] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 298.437188][ T8783] RBP: 00007f3953e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 298.437203][ T8783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 298.437217][ T8783] R13: 00007f3954016038 R14: 00007f3954015fa0 R15: 00007ffce6eaeb18 [ 298.437247][ T8783] [ 300.355446][ T8802] FAULT_INJECTION: forcing a failure. [ 300.355446][ T8802] name failslab, interval 1, probability 0, space 0, times 0 [ 300.430389][ T8802] CPU: 0 UID: 0 PID: 8802 Comm: syz.0.875 Tainted: G L syzkaller #0 PREEMPT(full) [ 300.430426][ T8802] Tainted: [L]=SOFTLOCKUP [ 300.430434][ T8802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 300.430451][ T8802] Call Trace: [ 300.430459][ T8802] [ 300.430468][ T8802] dump_stack_lvl+0x100/0x190 [ 300.430497][ T8802] should_fail_ex.cold+0x5/0xa [ 300.430528][ T8802] should_failslab+0xc2/0x120 [ 300.430555][ T8802] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 300.430600][ T8802] ? vm_area_dup+0x27/0x8e0 [ 300.430632][ T8802] ? __vma_start_write+0x17f/0x280 [ 300.430671][ T8802] vm_area_dup+0x27/0x8e0 [ 300.430707][ T8802] dup_mmap+0x6f6/0x2180 [ 300.430751][ T8802] ? __pfx_dup_mmap+0x10/0x10 [ 300.430780][ T8802] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 300.430816][ T8802] ? __lock_acquire+0x4a5/0x2630 [ 300.430842][ T8802] ? find_held_lock+0x2b/0x80 [ 300.430885][ T8802] ? __percpu_counter_init_many+0x2bc/0x3b0 [ 300.430930][ T8802] copy_process+0x6c63/0x7e00 [ 300.430978][ T8802] ? __pfx_copy_process+0x10/0x10 [ 300.431014][ T8802] ? futex_hash+0x141/0x370 [ 300.431042][ T8802] kernel_clone+0x12e/0x9c0 [ 300.431073][ T8802] ? __pfx_futex_wait+0x10/0x10 [ 300.431104][ T8802] ? __pfx_kernel_clone+0x10/0x10 [ 300.431152][ T8802] __do_sys_clone+0xd9/0x120 [ 300.431185][ T8802] ? __pfx___do_sys_clone+0x10/0x10 [ 300.431235][ T8802] ? rcu_is_watching+0x12/0xc0 [ 300.431266][ T8802] do_syscall_64+0x10b/0xf80 [ 300.431295][ T8802] ? clear_bhb_loop+0x40/0x90 [ 300.431323][ T8802] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 300.431346][ T8802] RIP: 0033:0x7fb785b9cdd9 [ 300.431365][ T8802] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 300.431386][ T8802] RSP: 002b:00007fb786af3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 300.431411][ T8802] RAX: ffffffffffffffda RBX: 00007fb785e15fa0 RCX: 00007fb785b9cdd9 [ 300.431426][ T8802] RDX: 0000000000000000 RSI: 00000000000072d2 RDI: 0000000000000004 [ 300.431439][ T8802] RBP: 00007fb785c32d69 R08: 0000000000000004 R09: 0000000000000000 [ 300.431453][ T8802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 300.431466][ T8802] R13: 00007fb785e16038 R14: 00007fb785e15fa0 R15: 00007ffd8e982748 [ 300.431495][ T8802] [ 303.041434][ T8783] audit: cannot initialize netlink socket in namespace [ 303.383720][ T8832] netlink: 4 bytes leftover after parsing attributes in process `syz.1.884'. [ 303.415620][ T8832] netlink: 25 bytes leftover after parsing attributes in process `syz.1.884'. [ 306.036306][ T8863] FAULT_INJECTION: forcing a failure. [ 306.036306][ T8863] name failslab, interval 1, probability 0, space 0, times 0 [ 306.125825][ T8863] CPU: 0 UID: 0 PID: 8863 Comm: syz.0.893 Tainted: G L syzkaller #0 PREEMPT(full) [ 306.125863][ T8863] Tainted: [L]=SOFTLOCKUP [ 306.125871][ T8863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 306.125885][ T8863] Call Trace: [ 306.125892][ T8863] [ 306.125901][ T8863] dump_stack_lvl+0x100/0x190 [ 306.125931][ T8863] should_fail_ex.cold+0x5/0xa [ 306.125961][ T8863] should_failslab+0xc2/0x120 [ 306.125989][ T8863] __kmalloc_cache_noprof+0x7a/0x6f0 [ 306.126031][ T8863] ? trace_pid_list_alloc+0x2fe/0x480 [ 306.126080][ T8863] trace_pid_list_alloc+0x2fe/0x480 [ 306.126142][ T8863] trace_pid_write+0x110/0x460 [ 306.126178][ T8863] ? __pfx_trace_pid_write+0x10/0x10 [ 306.126230][ T8863] event_pid_write.isra.0+0x1e4/0x7d0 [ 306.126270][ T8863] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 306.126317][ T8863] vfs_write+0x2aa/0x1070 [ 306.126346][ T8863] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 306.126387][ T8863] ? __pfx_vfs_write+0x10/0x10 [ 306.126414][ T8863] ? __fget_files+0x215/0x3d0 [ 306.126450][ T8863] ? __fget_files+0x21f/0x3d0 [ 306.126487][ T8863] ksys_write+0x12a/0x250 [ 306.126515][ T8863] ? __pfx_ksys_write+0x10/0x10 [ 306.126545][ T8863] ? rcu_is_watching+0x12/0xc0 [ 306.126579][ T8863] do_syscall_64+0x10b/0xf80 [ 306.126611][ T8863] ? clear_bhb_loop+0x40/0x90 [ 306.126641][ T8863] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.126667][ T8863] RIP: 0033:0x7fb785b9cdd9 [ 306.126686][ T8863] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 306.126710][ T8863] RSP: 002b:00007fb786af3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 306.126733][ T8863] RAX: ffffffffffffffda RBX: 00007fb785e15fa0 RCX: 00007fb785b9cdd9 [ 306.126749][ T8863] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 306.126763][ T8863] RBP: 00007fb785c32d69 R08: 0000000000000000 R09: 0000000000000000 [ 306.126778][ T8863] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 306.126792][ T8863] R13: 00007fb785e16038 R14: 00007fb785e15fa0 R15: 00007ffd8e982748 [ 306.126823][ T8863] [ 306.569443][ T8865] netlink: 186 bytes leftover after parsing attributes in process `syz.1.894'. [ 306.588424][ T8865] netlink: 186 bytes leftover after parsing attributes in process `syz.1.894'. [ 307.939508][ T8875] netlink: 4 bytes leftover after parsing attributes in process `syz.3.899'. [ 307.992940][ T8876] netlink: 25 bytes leftover after parsing attributes in process `syz.3.899'. [ 308.438018][ T50] Bluetooth: hci0: Malformed Event: 0x02 syzkaller syzkaller login: [ 311.678274][ T8923] netlink: 246 bytes leftover after parsing attributes in process `syz.0.913'. [ 312.860762][ T8935] FAULT_INJECTION: forcing a failure. [ 312.860762][ T8935] name failslab, interval 1, probability 0, space 0, times 0 [ 312.924659][ T8935] CPU: 0 UID: 0 PID: 8935 Comm: syz.1.917 Tainted: G L syzkaller #0 PREEMPT(full) [ 312.924697][ T8935] Tainted: [L]=SOFTLOCKUP [ 312.924705][ T8935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 312.924720][ T8935] Call Trace: [ 312.924727][ T8935] [ 312.924736][ T8935] dump_stack_lvl+0x100/0x190 [ 312.924767][ T8935] should_fail_ex.cold+0x5/0xa [ 312.924799][ T8935] should_failslab+0xc2/0x120 [ 312.924828][ T8935] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 312.924867][ T8935] ? acpi_ut_create_generic_state+0x61/0xc0 [ 312.924908][ T8935] acpi_ut_create_generic_state+0x61/0xc0 [ 312.924936][ T8935] acpi_ds_result_push+0x2a4/0x600 [ 312.924982][ T8935] ? acpi_ds_obj_stack_pop+0x105/0x270 [ 312.925019][ T8935] acpi_ds_evaluate_name_path+0x225/0x4a0 [ 312.925047][ T8935] ? __pfx_acpi_ds_evaluate_name_path+0x10/0x10 [ 312.925078][ T8935] ? acpi_ps_get_next_namepath+0x1f6/0xa10 [ 312.925105][ T8935] ? acpi_ut_trace_ptr+0x1d1/0x2a0 [ 312.925140][ T8935] acpi_ds_exec_end_op+0xb78/0x1e60 [ 312.925170][ T8935] ? __pfx_acpi_ds_exec_end_op+0x10/0x10 [ 312.925197][ T8935] acpi_ps_parse_loop+0x5dd/0x24a0 [ 312.925233][ T8935] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 312.925261][ T8935] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 312.925301][ T8935] ? acpi_ut_create_thread_state+0x6d/0x170 [ 312.925343][ T8935] acpi_ps_parse_aml+0x81e/0x1120 [ 312.925378][ T8935] acpi_ps_execute_method+0x5c4/0xe90 [ 312.925417][ T8935] acpi_ns_evaluate+0x640/0x1670 [ 312.925465][ T8935] acpi_evaluate_object+0x420/0xe00 [ 312.925490][ T8935] ? kasan_save_stack+0x30/0x50 [ 312.925513][ T8935] ? kasan_save_track+0x14/0x30 [ 312.925535][ T8935] ? __kasan_kmalloc+0xaa/0xb0 [ 312.925557][ T8935] ? __kvmalloc_node_noprof+0x360/0xa00 [ 312.925585][ T8935] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 312.925610][ T8935] ? lock_acquire+0x1b1/0x370 [ 312.925641][ T8935] acpi_evaluate_integer+0xdf/0x220 [ 312.925682][ T8935] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 312.925732][ T8935] ? __pfx_status_show+0x10/0x10 [ 312.925756][ T8935] status_show+0xa0/0x120 [ 312.925780][ T8935] ? __pfx_status_show+0x10/0x10 [ 312.925811][ T8935] dev_attr_show+0x52/0xa0 [ 312.925843][ T8935] ? __pfx_dev_attr_show+0x10/0x10 [ 312.925874][ T8935] sysfs_kf_seq_show+0x217/0x3a0 [ 312.925921][ T8935] seq_read_iter+0x32f/0x1270 [ 312.925947][ T8935] ? lock_acquire+0x1b1/0x370 [ 312.925981][ T8935] kernfs_fop_read_iter+0x46c/0x610 [ 312.926019][ T8935] ? rw_verify_area+0xce/0x6d0 [ 312.926043][ T8935] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 312.926082][ T8935] vfs_read+0x825/0xb30 [ 312.926113][ T8935] ? __pfx_vfs_read+0x10/0x10 [ 312.926159][ T8935] ksys_read+0x12a/0x250 [ 312.926186][ T8935] ? __pfx_ksys_read+0x10/0x10 [ 312.926216][ T8935] ? rcu_is_watching+0x12/0xc0 [ 312.926250][ T8935] do_syscall_64+0x10b/0xf80 [ 312.926282][ T8935] ? clear_bhb_loop+0x40/0x90 [ 312.926312][ T8935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 312.926338][ T8935] RIP: 0033:0x7fd59459cdd9 [ 312.926357][ T8935] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 312.926381][ T8935] RSP: 002b:00007fd5953a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 312.926404][ T8935] RAX: ffffffffffffffda RBX: 00007fd594815fa0 RCX: 00007fd59459cdd9 [ 312.926420][ T8935] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 312.926435][ T8935] RBP: 00007fd594632d69 R08: 0000000000000000 R09: 0000000000000000 [ 312.926450][ T8935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 312.926470][ T8935] R13: 00007fd594816038 R14: 00007fd594815fa0 R15: 00007ffd8e9cd888 [ 312.926502][ T8935] [ 313.673445][ T8935] ACPI Error: Failed to extend the result stack (20251212/dswstate-130) [ 313.692341][ T8935] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20251212/psparse-529) [ 314.507720][ T8627] syz.3.822 (8627) used greatest stack depth: 19672 bytes left [ 314.683261][ T8948] netlink: 330 bytes leftover after parsing attributes in process `syz.0.921'. [ 314.989190][ T8950] syz.0.923 (8950): /proc/8950/oom_adj is deprecated, please use /proc/8950/oom_score_adj instead. [ 316.288539][ T8964] netlink: 246 bytes leftover after parsing attributes in process `syz.3.926'. [ 317.253369][ T1312] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.263057][ T1312] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.456265][ T8952] Process accounting paused [ 320.510305][ T9014] FAULT_INJECTION: forcing a failure. [ 320.510305][ T9014] name failslab, interval 1, probability 0, space 0, times 0 [ 320.510392][ T9014] CPU: 0 UID: 0 PID: 9014 Comm: syz.1.938 Tainted: G L syzkaller #0 PREEMPT(full) [ 320.510427][ T9014] Tainted: [L]=SOFTLOCKUP [ 320.510435][ T9014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 320.510450][ T9014] Call Trace: [ 320.510458][ T9014] [ 320.510466][ T9014] dump_stack_lvl+0x100/0x190 [ 320.510501][ T9014] should_fail_ex.cold+0x5/0xa [ 320.510545][ T9014] should_failslab+0xc2/0x120 [ 320.510573][ T9014] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 320.510612][ T9014] ? ptlock_alloc+0x1f/0x70 [ 320.510647][ T9014] ? do_raw_spin_lock+0x128/0x260 [ 320.510679][ T9014] ptlock_alloc+0x1f/0x70 [ 320.510713][ T9014] pte_alloc_one+0x82/0x3d0 [ 320.510748][ T9014] __pte_alloc+0x6d/0x3e0 [ 320.510781][ T9014] ? __pfx___pte_alloc+0x10/0x10 [ 320.510808][ T9014] ? __pfx___might_resched+0x10/0x10 [ 320.510834][ T9014] ? copy_page_range+0x1c2d/0x5b00 [ 320.510874][ T9014] copy_page_range+0x3dbb/0x5b00 [ 320.510940][ T9014] ? mas_wr_store_entry+0xa1/0x1e80 [ 320.510978][ T9014] ? __pfx_copy_page_range+0x10/0x10 [ 320.511024][ T9014] ? __pfx___might_resched+0x10/0x10 [ 320.511061][ T9014] ? up_write+0x28c/0x4f0 [ 320.511091][ T9014] dup_mmap+0xd25/0x2180 [ 320.511133][ T9014] ? __pfx_dup_mmap+0x10/0x10 [ 320.511163][ T9014] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 320.511198][ T9014] ? __lock_acquire+0x4a5/0x2630 [ 320.511221][ T9014] ? find_held_lock+0x2b/0x80 [ 320.511252][ T9014] ? __percpu_counter_init_many+0x2bc/0x3b0 [ 320.511298][ T9014] copy_process+0x6c63/0x7e00 [ 320.511348][ T9014] ? __pfx_copy_process+0x10/0x10 [ 320.511386][ T9014] ? futex_hash+0x141/0x370 [ 320.511415][ T9014] kernel_clone+0x12e/0x9c0 [ 320.511448][ T9014] ? __pfx_futex_wait+0x10/0x10 [ 320.511481][ T9014] ? __pfx_kernel_clone+0x10/0x10 [ 320.511531][ T9014] __do_sys_clone+0xd9/0x120 [ 320.511566][ T9014] ? __pfx___do_sys_clone+0x10/0x10 [ 320.511618][ T9014] ? rcu_is_watching+0x12/0xc0 [ 320.511651][ T9014] do_syscall_64+0x10b/0xf80 [ 320.511682][ T9014] ? clear_bhb_loop+0x40/0x90 [ 320.511711][ T9014] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.511736][ T9014] RIP: 0033:0x7fd59459cdd9 [ 320.511761][ T9014] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 320.511785][ T9014] RSP: 002b:00007fd5953a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 320.511809][ T9014] RAX: ffffffffffffffda RBX: 00007fd594815fa0 RCX: 00007fd59459cdd9 [ 320.511825][ T9014] RDX: 0000000000000000 RSI: 00000000000072d2 RDI: 0000000000000004 [ 320.511839][ T9014] RBP: 00007fd594632d69 R08: 0000000000000004 R09: 0000000000000000 [ 320.511854][ T9014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 320.511868][ T9014] R13: 00007fd594816038 R14: 00007fd594815fa0 R15: 00007ffd8e9cd888 [ 320.511899][ T9014] syzkaller syzkaller login: [ 322.524939][ T9042] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 322.638986][ T9043] smpboot: CPU 1 is now offline syzkaller syzkaller login: [ 329.142674][ T9115] FAULT_INJECTION: forcing a failure. [ 329.142674][ T9115] name failslab, interval 1, probability 0, space 0, times 0 [ 329.235294][ T9115] CPU: 0 UID: 0 PID: 9115 Comm: syz.2.964 Tainted: G L syzkaller #0 PREEMPT(full) [ 329.235333][ T9115] Tainted: [L]=SOFTLOCKUP [ 329.235342][ T9115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 329.235357][ T9115] Call Trace: [ 329.235365][ T9115] [ 329.235374][ T9115] dump_stack_lvl+0x100/0x190 [ 329.235407][ T9115] should_fail_ex.cold+0x5/0xa [ 329.235438][ T9115] ? tracepoint_add_func+0x3a8/0x1150 [ 329.235474][ T9115] should_failslab+0xc2/0x120 [ 329.235502][ T9115] __kmalloc_noprof+0xe0/0x850 [ 329.235546][ T9115] ? __pfx_trace_event_raw_event_nfsd_file_cons_err+0x10/0x10 [ 329.235577][ T9115] tracepoint_add_func+0x3a8/0x1150 [ 329.235613][ T9115] ? __pfx_trace_event_raw_event_nfsd_file_cons_err+0x10/0x10 [ 329.235650][ T9115] ? __pfx_trace_event_raw_event_nfsd_file_cons_err+0x10/0x10 [ 329.235680][ T9115] tracepoint_probe_register+0xc4/0x110 [ 329.235719][ T9115] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 329.235756][ T9115] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 329.235790][ T9115] ? __pfx_trace_event_raw_event_nfsd_file_cons_err+0x10/0x10 [ 329.235821][ T9115] ? __pfx_probe_sched_switch+0x10/0x10 [ 329.235868][ T9115] trace_event_reg+0x209/0x350 [ 329.235901][ T9115] __ftrace_event_enable_disable+0x211/0x6f0 [ 329.235944][ T9115] __ftrace_set_clr_event_nolock+0x390/0xc30 [ 329.235990][ T9115] ftrace_set_clr_event+0x1b7/0x3f0 [ 329.236021][ T9115] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 329.236048][ T9115] ? trace_get_user+0x3ae/0xa70 [ 329.236093][ T9115] ftrace_event_write+0x259/0x2c0 [ 329.236121][ T9115] ? __pfx_ftrace_event_write+0x10/0x10 [ 329.236161][ T9115] vfs_write+0x2aa/0x1070 [ 329.236189][ T9115] ? __pfx_ftrace_event_write+0x10/0x10 [ 329.236220][ T9115] ? __pfx_vfs_write+0x10/0x10 [ 329.236246][ T9115] ? __fget_files+0x215/0x3d0 [ 329.236281][ T9115] ? __fget_files+0x21f/0x3d0 [ 329.236316][ T9115] ksys_write+0x12a/0x250 [ 329.236343][ T9115] ? __pfx_ksys_write+0x10/0x10 [ 329.236373][ T9115] ? rcu_is_watching+0x12/0xc0 [ 329.236407][ T9115] do_syscall_64+0x10b/0xf80 [ 329.236456][ T9115] ? clear_bhb_loop+0x40/0x90 [ 329.236487][ T9115] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.236513][ T9115] RIP: 0033:0x7fbe0af9cdd9 [ 329.236533][ T9115] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 329.236557][ T9115] RSP: 002b:00007fbe0bed8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 329.236581][ T9115] RAX: ffffffffffffffda RBX: 00007fbe0b215fa0 RCX: 00007fbe0af9cdd9 [ 329.236597][ T9115] RDX: 0000000000000af0 RSI: 0000000000000000 RDI: 0000000000000006 [ 329.236612][ T9115] RBP: 00007fbe0b032d69 R08: 0000000000000000 R09: 0000000000000000 [ 329.236628][ T9115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 329.236643][ T9115] R13: 00007fbe0b216038 R14: 00007fbe0b215fa0 R15: 00007ffd25856948 [ 329.236675][ T9115] [ 329.829974][ T9115] event trace: Could not enable event nfsd_file_cons_err [ 331.942301][ T9144] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 332.115888][ T9151] smpboot: CPU 1 is now offline [ 337.249961][ T9222] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 337.469637][ T22] IRQ fixup: irq 33 move in progress, old vector 47 [ 337.481091][ T9225] smpboot: CPU 1 is now offline [ 339.254349][ T9243] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 339.324224][ T9254] FAULT_INJECTION: forcing a failure. [ 339.324224][ T9254] name failslab, interval 1, probability 0, space 0, times 0 [ 339.324266][ T9254] CPU: 0 UID: 0 PID: 9254 Comm: syz.0.996 Tainted: G L syzkaller #0 PREEMPT(full) [ 339.324303][ T9254] Tainted: [L]=SOFTLOCKUP [ 339.324311][ T9254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 339.324327][ T9254] Call Trace: [ 339.324335][ T9254] [ 339.324343][ T9254] dump_stack_lvl+0x100/0x190 [ 339.324374][ T9254] should_fail_ex.cold+0x5/0xa [ 339.324405][ T9254] should_failslab+0xc2/0x120 [ 339.324441][ T9254] __kmalloc_cache_noprof+0x7a/0x6f0 [ 339.324478][ T9254] ? refill_pi_state_cache+0x91/0x260 [ 339.324519][ T9254] refill_pi_state_cache+0x91/0x260 [ 339.324552][ T9254] futex_lock_pi+0x16d/0x7a0 [ 339.324588][ T9254] ? __pfx_futex_lock_pi+0x10/0x10 [ 339.324623][ T9254] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 339.324678][ T9254] ? __pfx_futex_wake_mark+0x10/0x10 [ 339.324717][ T9254] ? __get_user_nocheck_8+0x20/0x20 [ 339.324744][ T9254] ? do_vfs_ioctl+0x226/0x13e0 [ 339.324772][ T9254] do_futex+0x18a/0x350 [ 339.324800][ T9254] ? __pfx_do_futex+0x10/0x10 [ 339.324829][ T9254] ? find_held_lock+0x2b/0x80 [ 339.324866][ T9254] __x64_sys_futex+0x34f/0x4d0 [ 339.324897][ T9254] ? __pfx___x64_sys_futex+0x10/0x10 [ 339.324930][ T9254] ? rcu_is_watching+0x12/0xc0 [ 339.324964][ T9254] do_syscall_64+0x10b/0xf80 [ 339.324995][ T9254] ? clear_bhb_loop+0x40/0x90 [ 339.325026][ T9254] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.325058][ T9254] RIP: 0033:0x7fb785b9cdd9 [ 339.325078][ T9254] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 339.325102][ T9254] RSP: 002b:00007fb786ad2028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 339.325126][ T9254] RAX: ffffffffffffffda RBX: 00007fb785e16090 RCX: 00007fb785b9cdd9 [ 339.325143][ T9254] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 339.325158][ T9254] RBP: 00007fb785c32d69 R08: 0000000000000000 R09: 000000008000fff5 [ 339.325173][ T9254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 339.325189][ T9254] R13: 00007fb785e16128 R14: 00007fb785e16090 R15: 00007ffd8e982748 [ 339.325219][ T9254] [ 339.356502][ T22] IRQ fixup: irq 33 move in progress, old vector 47 [ 339.360803][ T9255] smpboot: CPU 1 is now offline [ 339.388182][ T9253] Console: switching to colour VGA+ 80x25 [ 339.998286][ T9260] binder: 9259:9260 ioctl c0306201 0 returned -14 [ 341.862089][ T9256] ================================================================== [ 341.862109][ T9256] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0x94e/0xc60 [ 341.862143][ T9256] Read of size 26 at addr ffff88807f3112ea by task syz.3.997/9256 [ 341.862164][ T9256] [ 341.862177][ T9256] CPU: 0 UID: 0 PID: 9256 Comm: syz.3.997 Tainted: G L syzkaller #0 PREEMPT(full) [ 341.862212][ T9256] Tainted: [L]=SOFTLOCKUP [ 341.862221][ T9256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 341.862236][ T9256] Call Trace: [ 341.862244][ T9256] [ 341.862253][ T9256] dump_stack_lvl+0x100/0x190 [ 341.862279][ T9256] print_report+0x13d/0x4b0 [ 341.862316][ T9256] ? __virt_addr_valid+0x239/0x430 [ 341.862359][ T9256] ? fbcon_prepare_logo+0x94e/0xc60 [ 341.862384][ T9256] kasan_report+0xdf/0x1d0 [ 341.862413][ T9256] ? fbcon_prepare_logo+0x94e/0xc60 [ 341.862443][ T9256] kasan_check_range+0x10f/0x1e0 [ 341.862476][ T9256] __asan_memcpy+0x23/0x60 [ 341.862514][ T9256] fbcon_prepare_logo+0x94e/0xc60 [ 341.862546][ T9256] fbcon_init+0x1065/0x1830 [ 341.862577][ T9256] visual_init+0x320/0x620 [ 341.862606][ T9256] do_bind_con_driver.isra.0+0x636/0x9c0 [ 341.862646][ T9256] store_bind+0x609/0x730 [ 341.862682][ T9256] ? __pfx_store_bind+0x10/0x10 [ 341.862715][ T9256] dev_attr_store+0x58/0x80 [ 341.862745][ T9256] ? __pfx_dev_attr_store+0x10/0x10 [ 341.862774][ T9256] sysfs_kf_write+0xf2/0x150 [ 341.862821][ T9256] kernfs_fop_write_iter+0x3e0/0x5f0 [ 341.862857][ T9256] ? __pfx_sysfs_kf_write+0x10/0x10 [ 341.862904][ T9256] vfs_write+0x6ac/0x1070 [ 341.862933][ T9256] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 341.862971][ T9256] ? __pfx_vfs_write+0x10/0x10 [ 341.863017][ T9256] ksys_write+0x12a/0x250 [ 341.863044][ T9256] ? __pfx_ksys_write+0x10/0x10 [ 341.863074][ T9256] ? rcu_is_watching+0x12/0xc0 [ 341.863105][ T9256] do_syscall_64+0x10b/0xf80 [ 341.863137][ T9256] ? clear_bhb_loop+0x40/0x90 [ 341.863166][ T9256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.863191][ T9256] RIP: 0033:0x7f3953d9cdd9 [ 341.863210][ T9256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 341.863235][ T9256] RSP: 002b:00007f3954cdd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 341.863258][ T9256] RAX: ffffffffffffffda RBX: 00007f3954016180 RCX: 00007f3953d9cdd9 [ 341.863275][ T9256] RDX: 000000000008083a RSI: 00002000000000c0 RDI: 0000000000000002 [ 341.863292][ T9256] RBP: 00007f3953e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 341.863307][ T9256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 341.863323][ T9256] R13: 00007f3954016218 R14: 00007f3954016180 R15: 00007ffce6eaeb18 [ 341.863347][ T9256] [ 341.863355][ T9256] [ 341.863361][ T9256] Allocated by task 9191: [ 341.863378][ T9256] kasan_save_stack+0x30/0x50 [ 341.863400][ T9256] kasan_save_track+0x14/0x30 [ 341.863422][ T9256] __kasan_kmalloc+0xaa/0xb0 [ 341.863443][ T9256] kset_create_and_add+0x4d/0x190 [ 341.863481][ T9256] netdev_register_kobject+0x1ef/0x3d0 [ 341.863513][ T9256] register_netdevice+0x151c/0x24b0 [ 341.863539][ T9256] register_netdev+0x34/0x50 [ 341.863563][ T9256] loopback_net_init+0x7a/0x170 [ 341.863595][ T9256] ops_init+0x1e2/0x5f0 [ 341.863618][ T9256] setup_net+0x118/0x3a0 [ 341.863642][ T9256] copy_net_ns+0x46f/0x7c0 [ 341.863670][ T9256] create_new_namespaces+0x3ea/0xac0 [ 341.863701][ T9256] unshare_nsproxy_namespaces+0xf2/0x220 [ 341.863733][ T9256] ksys_unshare+0x438/0xab0 [ 341.863767][ T9256] __x64_sys_unshare+0x31/0x40 [ 341.863803][ T9256] do_syscall_64+0x10b/0xf80 [ 341.863839][ T9256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.863863][ T9256] [ 341.863869][ T9256] Freed by task 728: [ 341.863879][ T9256] kasan_save_stack+0x30/0x50 [ 341.863901][ T9256] kasan_save_track+0x14/0x30 [ 341.863923][ T9256] kasan_save_free_info+0x3b/0x70 [ 341.863963][ T9256] __kasan_slab_free+0x5f/0x80 [ 341.863987][ T9256] kfree+0x223/0x6c0 [ 341.864020][ T9256] kobject_put+0x1f7/0x640 [ 341.864054][ T9256] kset_unregister+0x62/0x80 [ 341.864088][ T9256] netdev_unregister_kobject+0x2d0/0x540 [ 341.864120][ T9256] unregister_netdevice_many_notify+0x179e/0x24f0 [ 341.864149][ T9256] default_device_exit_batch+0x946/0xc60 [ 341.864177][ T9256] ops_undo_list+0x363/0xab0 [ 341.864213][ T9256] cleanup_net+0x499/0x920 [ 341.864240][ T9256] process_one_work+0xa0e/0x1980 [ 341.864261][ T9256] worker_thread+0x5ef/0xe50 [ 341.864282][ T9256] kthread+0x370/0x450 [ 341.864300][ T9256] ret_from_fork+0x72b/0xd50 [ 341.864323][ T9256] ret_from_fork_asm+0x1a/0x30 [ 341.864354][ T9256] [ 341.864359][ T9256] The buggy address belongs to the object at ffff88807f311200 [ 341.864359][ T9256] which belongs to the cache kmalloc-192 of size 192 [ 341.864378][ T9256] The buggy address is located 42 bytes to the right of [ 341.864378][ T9256] allocated 192-byte region [ffff88807f311200, ffff88807f3112c0) [ 341.864403][ T9256] [ 341.864413][ T9256] The buggy address belongs to the physical page: [ 341.864423][ T9256] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807f311900 pfn:0x7f311 [ 341.864449][ T9256] flags: 0xfff00000000200(workingset|node=0|zone=1|lastcpupid=0x7ff) [ 341.864473][ T9256] page_type: f5(slab) [ 341.864493][ T9256] raw: 00fff00000000200 ffff88813fe2e3c0 ffffea0000a7ae90 ffffea0000dce350 [ 341.864518][ T9256] raw: ffff88807f311900 000000080010000f 00000000f5000000 0000000000000000 [ 341.864532][ T9256] page dumped because: kasan: bad access detected [ 341.864549][ T9256] page_owner tracks the page as allocated [ 341.864556][ T9256] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6450, tgid 6449 (syz.2.215), ts 135728424636, free_ts 135167942406 [ 341.864599][ T9256] post_alloc_hook+0x153/0x170 [ 341.864633][ T9256] get_page_from_freelist+0x11a6/0x33b0 [ 341.864671][ T9256] __alloc_frozen_pages_noprof+0x27c/0x2bc0 [ 341.864709][ T9256] new_slab+0xa6/0x6c0 [ 341.864740][ T9256] refill_objects+0x277/0x420 [ 341.864774][ T9256] __pcs_replace_empty_main+0x375/0x650 [ 341.864816][ T9256] __kmalloc_node_track_caller_noprof+0x694/0x850 [ 341.864840][ T9256] kmemdup_noprof+0x29/0x60 [ 341.864862][ T9256] neigh_parms_alloc+0x85/0x5e0 [ 341.864887][ T9256] inetdev_init+0x13c/0x570 [ 341.864916][ T9256] inetdev_event+0x7fa/0x17f0 [ 341.864945][ T9256] notifier_call_chain+0x99/0x400 [ 341.864981][ T9256] call_netdevice_notifiers_info+0xbe/0x110 [ 341.865010][ T9256] register_netdevice+0x18fe/0x24b0 [ 341.865034][ T9256] __ip_tunnel_create+0x52b/0x670 [ 341.865062][ T9256] ip_tunnel_init_net+0x230/0x780 [ 341.865092][ T9256] page last free pid 6438 tgid 6438 stack trace: [ 341.865105][ T9256] __free_frozen_pages+0x747/0x1040 [ 341.865137][ T9256] tlb_remove_table_rcu+0x2cf/0x380 [ 341.865168][ T9256] rcu_core+0x5a2/0x10d0 [ 341.865190][ T9256] handle_softirqs+0x1ea/0xa00 [ 341.865219][ T9256] __irq_exit_rcu+0x162/0x210 [ 341.865247][ T9256] irq_exit_rcu+0x9/0x30 [ 341.865275][ T9256] sysvec_apic_timer_interrupt+0xa3/0xc0 [ 341.865303][ T9256] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 341.865329][ T9256] [ 341.865334][ T9256] Memory state around the buggy address: [ 341.865346][ T9256] ffff88807f311180: 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc fc [ 341.865363][ T9256] ffff88807f311200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 341.865380][ T9256] >ffff88807f311280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 341.865393][ T9256] ^ [ 341.865407][ T9256] ffff88807f311300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 341.865424][ T9256] ffff88807f311380: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 341.865437][ T9256] ================================================================== [ 341.936403][ T9256] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 341.936428][ T9256] CPU: 0 UID: 0 PID: 9256 Comm: syz.3.997 Tainted: G L syzkaller #0 PREEMPT(full) [ 341.936465][ T9256] Tainted: [L]=SOFTLOCKUP [ 341.936474][ T9256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 341.936490][ T9256] Call Trace: [ 341.936499][ T9256] [ 341.936508][ T9256] dump_stack_lvl+0x100/0x190 [ 341.936545][ T9256] vpanic+0x552/0x970 [ 341.936568][ T9256] ? __pfx_vpanic+0x10/0x10 [ 341.936596][ T9256] ? fbcon_prepare_logo+0x94e/0xc60 [ 341.936627][ T9256] panic+0xd1/0xe0 [ 341.936649][ T9256] ? __pfx_panic+0x10/0x10 [ 341.936673][ T9256] ? fbcon_prepare_logo+0x94e/0xc60 [ 341.936700][ T9256] ? preempt_schedule_common+0x42/0xc0 [ 341.936735][ T9256] check_panic_on_warn.cold+0x19/0x34 [ 341.936762][ T9256] end_report.part.0+0x3a/0x90 [ 341.936798][ T9256] kasan_report.cold+0xe/0x18 [ 341.936842][ T9256] ? fbcon_prepare_logo+0x94e/0xc60 [ 341.936876][ T9256] kasan_check_range+0x10f/0x1e0 [ 341.936910][ T9256] __asan_memcpy+0x23/0x60 [ 341.936949][ T9256] fbcon_prepare_logo+0x94e/0xc60 [ 341.936982][ T9256] fbcon_init+0x1065/0x1830 [ 341.937012][ T9256] visual_init+0x320/0x620 [ 341.937042][ T9256] do_bind_con_driver.isra.0+0x636/0x9c0 [ 341.937082][ T9256] store_bind+0x609/0x730 [ 341.937119][ T9256] ? __pfx_store_bind+0x10/0x10 [ 341.937152][ T9256] dev_attr_store+0x58/0x80 [ 341.937182][ T9256] ? __pfx_dev_attr_store+0x10/0x10 [ 341.937212][ T9256] sysfs_kf_write+0xf2/0x150 [ 341.937254][ T9256] kernfs_fop_write_iter+0x3e0/0x5f0 [ 341.937289][ T9256] ? __pfx_sysfs_kf_write+0x10/0x10 [ 341.937331][ T9256] vfs_write+0x6ac/0x1070 [ 341.937359][ T9256] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 341.937397][ T9256] ? __pfx_vfs_write+0x10/0x10 [ 341.937434][ T9256] ksys_write+0x12a/0x250 [ 341.937461][ T9256] ? __pfx_ksys_write+0x10/0x10 [ 341.937491][ T9256] ? rcu_is_watching+0x12/0xc0 [ 341.937523][ T9256] do_syscall_64+0x10b/0xf80 [ 341.937555][ T9256] ? clear_bhb_loop+0x40/0x90 [ 341.937584][ T9256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.937609][ T9256] RIP: 0033:0x7f3953d9cdd9 [ 341.937628][ T9256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 341.937653][ T9256] RSP: 002b:00007f3954cdd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 341.937677][ T9256] RAX: ffffffffffffffda RBX: 00007f3954016180 RCX: 00007f3953d9cdd9 [ 341.937694][ T9256] RDX: 000000000008083a RSI: 00002000000000c0 RDI: 0000000000000002 [ 341.937710][ T9256] RBP: 00007f3953e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 341.937726][ T9256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 341.937741][ T9256] R13: 00007f3954016218 R14: 00007f3954016180 R15: 00007ffce6eaeb18 [ 341.937766][ T9256] [ 341.937848][ T9256] Kernel Offset: disabled